exploitDog

GHSA-jm85-849j-wmxc

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.1

Описание

Faleemi FSC-880 00.01.01.0048P2 devices allow unauthenticated SQL injection via the Username element in an XML document to /onvif/device_service, as demonstrated by reading the admin password.

Faleemi FSC-880 00.01.01.0048P2 devices allow unauthenticated SQL injection via the Username element in an XML document to /onvif/device_service, as demonstrated by reading the admin password.

Ссылки

EPSS

Процентиль: 63%

0.00447

Низкий

8.1 High

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2017-14743

CVSS3: 8.1

nvd

больше 8 лет назад

Faleemi FSC-880 00.01.01.0048P2 devices allow unauthenticated SQL injection via the Username element in an XML document to /onvif/device_service, as demonstrated by reading the admin password.

EPSS

Процентиль: 63%

0.00447

Низкий

8.1 High

CVSS3

CVE ID

Дефекты

CWE-89