exploitDog

GHSA-cfr6-fjfx-m5r2

Опубликовано: 09 янв. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

An issue was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices. Command injection can occur because the system function is used by davinci to unpack language packs without strict filtering of URL strings.

An issue was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices. Command injection can occur because the system function is used by davinci to unpack language packs without strict filtering of URL strings.

Ссылки

EPSS

Процентиль: 99%

0.69803

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-77

Связанные уязвимости

CVE-2023-49237

CVSS3: 9.8

nvd

около 2 лет назад

An issue was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices. Command injection can occur because the system function is used by davinci to unpack language packs without strict filtering of URL strings.

EPSS

Процентиль: 99%

0.69803

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-77