exploitDog

GHSA-82xw-m9w4-2cv9

Опубликовано: 17 авг. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 8.1

Описание

TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability derives from insufficient input validation in the key-delete function, which could potentially allow malicious users to delete arbitrary files.

TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability derives from insufficient input validation in the key-delete function, which could potentially allow malicious users to delete arbitrary files.

Ссылки

EPSS

Процентиль: 50%

0.00268

Низкий

8.1 High

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2023-34216

CVSS3: 8.1

nvd

больше 2 лет назад

TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability derives from insufficient input validation in the key-delete function, which could potentially allow malicious users to delete arbitrary files.

BDU:2023-05030

CVSS3: 8.1

fstec

больше 2 лет назад

Уязвимость функции key-delete микропрограммного обеспечения маршрутизаторов Moxa серии TN-4900 и TN-5900, позволяющая создать или перезаписать произвольные файлы в системе

EPSS

Процентиль: 50%

0.00268

Низкий

8.1 High

CVSS3

CVE ID

Дефекты

CWE-22