exploitDog

GHSA-h9wf-5xc8-6gmp

Опубликовано: 11 мар. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

A post-authentication command injection vulnerability in the "ZyEE" function of the Zyxel EX5601-T1 firmware version V5.70(ACDZ.3.6)C0 and earlier could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.

A post-authentication command injection vulnerability in the "ZyEE" function of the Zyxel EX5601-T1 firmware version V5.70(ACDZ.3.6)C0 and earlier could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.

Ссылки

EPSS

Процентиль: 54%

0.00318

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-78

Связанные уязвимости

CVE-2024-12009

CVSS3: 7.2

nvd

11 месяцев назад

A post-authentication command injection vulnerability in the "ZyEE" function of the Zyxel EX5601-T1 firmware version V5.70(ACDZ.3.6)C0 and earlier could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device.

BDU:2025-05042

CVSS3: 7.2

fstec

11 месяцев назад

Уязвимость функции ZyEE микропрограммного обеспечения усилителей Wi-Fi, абонентских терминалов Fiber ONT, маршрутизаторов DSL/Ethernet CPE, позволяющая нарушителю выполнять произвольные команды

EPSS

Процентиль: 54%

0.00318

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-78