exploitDog

GHSA-j3gv-8fxr-46g5

Опубликовано: 18 дек. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE firmware versions 2.0.10 and earlier, which may allow a logged-in user to execute an arbitrary OS command using a crafted HTTP request.

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE firmware versions 2.0.10 and earlier, which may allow a logged-in user to execute an arbitrary OS command using a crafted HTTP request.

Ссылки

EPSS

Процентиль: 87%

0.03336

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-78

Связанные уязвимости

CVE-2024-53688

CVSS3: 7.2

nvd

около 1 года назад

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE firmware versions 2.0.10 and earlier, which may allow a logged-in user to execute an arbitrary OS command using a crafted HTTP request.

EPSS

Процентиль: 87%

0.03336

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-78