exploitDog

GHSA-hx56-4qgw-5q6r

Опубликовано: 17 мар. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

An issue was discovered in GL-INet Beryl AX GL-MT3000 v4.7.0. Attackers are able to download arbitrary files from the device's file system via adding symbolic links on an external drive used as a samba share.

An issue was discovered in GL-INet Beryl AX GL-MT3000 v4.7.0. Attackers are able to download arbitrary files from the device's file system via adding symbolic links on an external drive used as a samba share.

Ссылки

EPSS

Процентиль: 44%

0.00213

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2025-25685

CVSS3: 7.5

nvd

11 месяцев назад

An issue was discovered in GL-INet Beryl AX GL-MT3000 v4.7.0. Attackers are able to download arbitrary files from the device's file system via adding symbolic links on an external drive used as a samba share.

BDU:2025-03270

CVSS3: 7.5

fstec

около 1 года назад

Уязвимость функции File Sharing веб-панели администратора микропрограммного обеспечения маршрутизаторов GL.iNet GL-MT3000, позволяющая нарушителю читать произвольные файлы

EPSS

Процентиль: 44%

0.00213

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-22