exploitDog

GHSA-h44q-vvxg-q9wr

Опубликовано: 23 фев. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Aztech WMB250AC Mesh Routers Firmware Version 016 2020 is vulnerable to PHP Type Juggling in file /var/www/login.php, allows attackers to gain escalated privileges only when specific conditions regarding a given accounts hashed password.

Aztech WMB250AC Mesh Routers Firmware Version 016 2020 is vulnerable to PHP Type Juggling in file /var/www/login.php, allows attackers to gain escalated privileges only when specific conditions regarding a given accounts hashed password.

Ссылки

EPSS

Процентиль: 70%

0.00647

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-522

Связанные уязвимости

CVE-2022-45599

CVSS3: 9.8

nvd

почти 3 года назад

Aztech WMB250AC Mesh Routers Firmware Version 016 2020 is vulnerable to PHP Type Juggling in file /var/www/login.php, allows attackers to gain escalated privileges only when specific conditions regarding a given accounts hashed password.

EPSS

Процентиль: 70%

0.00647

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-522