exploitDog

GHSA-6jmw-p67p-7q5c

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.9

Описание

The D-Link NPAPI extension, as used on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices, participates in mydlink Cloud Services by establishing a TCP relay service for HTTP, even though a TCP relay service for HTTPS is also established.

The D-Link NPAPI extension, as used on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices, participates in mydlink Cloud Services by establishing a TCP relay service for HTTP, even though a TCP relay service for HTTPS is also established.

Ссылки

EPSS

Процентиль: 64%

0.00465

Низкий

5.9 Medium

CVSS3

CVE ID

Дефекты

CWE-295

Связанные уязвимости

CVE-2017-14419

CVSS3: 5.9

nvd

больше 8 лет назад

The D-Link NPAPI extension, as used on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices, participates in mydlink Cloud Services by establishing a TCP relay service for HTTP, even though a TCP relay service for HTTPS is also established.

EPSS

Процентиль: 64%

0.00465

Низкий

5.9 Medium

CVSS3

CVE ID

Дефекты

CWE-295