exploitDog

GHSA-mmpq-qpj6-6r97

Опубликовано: 03 июн. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.4

Описание

Arris VIP1113 devices through 2025-05-30 with KreaTV SDK allow file overwrite via TFTP because a remote filename with a space character allows an attacker to control the local filename.

Arris VIP1113 devices through 2025-05-30 with KreaTV SDK allow file overwrite via TFTP because a remote filename with a space character allows an attacker to control the local filename.

Ссылки

EPSS

Процентиль: 6%

0.00024

Низкий

6.4 Medium

CVSS3

CVE ID

Дефекты

CWE-424

Связанные уязвимости

CVE-2025-49162

CVSS3: 6.4

nvd

8 месяцев назад

Arris VIP1113 devices through 2025-05-30 with KreaTV SDK allow file overwrite via TFTP because a remote filename with a space character allows an attacker to control the local filename.

EPSS

Процентиль: 6%

0.00024

Низкий

6.4 Medium

CVSS3

CVE ID

Дефекты

CWE-424