exploitDog

GHSA-6vq6-9pm8-vpxf

Опубликовано: 02 дек. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

An unauthenticated command injection vulnerability in the product license validation function of Telos Alliance Omnia MPX Node 1.3.* - 1.4.* allows attackers to execute arbitrary commands via a crafted payload injected into the license input.

An unauthenticated command injection vulnerability in the product license validation function of Telos Alliance Omnia MPX Node 1.3.* - 1.4.* allows attackers to execute arbitrary commands via a crafted payload injected into the license input.

Ссылки

EPSS

Процентиль: 97%

0.29987

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-78

Связанные уязвимости

CVE-2022-43325

CVSS3: 9.8

nvd

около 3 лет назад

An unauthenticated command injection vulnerability in the product license validation function of Telos Alliance Omnia MPX Node 1.3.* - 1.4.* allows attackers to execute arbitrary commands via a crafted payload injected into the license input.

EPSS

Процентиль: 97%

0.29987

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-78