exploitDog

GHSA-8mv8-wmgc-7crw

Опубликовано: 26 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Incorrect access control in Comtech EF Data CDM-625 / CDM-625A Advanced Satellite Modem with firmware v2.5.1 allows attackers to change the Administrator password and escalate privileges via sending a crafted POST request to /Forms/admin_access_1.

Incorrect access control in Comtech EF Data CDM-625 / CDM-625A Advanced Satellite Modem with firmware v2.5.1 allows attackers to change the Administrator password and escalate privileges via sending a crafted POST request to /Forms/admin_access_1.

Ссылки

EPSS

Процентиль: 18%

0.00058

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-284

Связанные уязвимости

CVE-2025-67015

CVSS3: 7.5

nvd

около 1 месяца назад

Incorrect access control in Comtech EF Data CDM-625 / CDM-625A Advanced Satellite Modem with firmware v2.5.1 allows attackers to change the Administrator password and escalate privileges via sending a crafted POST request to /Forms/admin_access_1.

EPSS

Процентиль: 18%

0.00058

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-284