exploitDog

GHSA-f673-96m5-v64f

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

A Header Injection issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0. An "improper neutralization of HTTP headers for scripting syntax" issue has been identified, which may allow remote code execution.

A Header Injection issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0. An "improper neutralization of HTTP headers for scripting syntax" issue has been identified, which may allow remote code execution.

Ссылки

EPSS

Процентиль: 78%

0.01153

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-644

CWE-74

Связанные уязвимости

CVE-2017-6031

CVSS3: 8.8

nvd

почти 9 лет назад

A Header Injection issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0. An "improper neutralization of HTTP headers for scripting syntax" issue has been identified, which may allow remote code execution.

EPSS

Процентиль: 78%

0.01153

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-644

CWE-74