exploitDog

GHSA-ppmp-j437-m6h6

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

An issue was discovered on Tenda AC15 V15.03.1.16_multi devices. A remote, unauthenticated attacker can gain remote code execution on the device with a crafted password parameter for the COOKIE header.

An issue was discovered on Tenda AC15 V15.03.1.16_multi devices. A remote, unauthenticated attacker can gain remote code execution on the device with a crafted password parameter for the COOKIE header.

Ссылки

EPSS

Процентиль: 98%

0.66661

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2018-5767

CVSS3: 9.8

nvd

почти 8 лет назад

An issue was discovered on Tenda AC15 V15.03.1.16_multi devices. A remote, unauthenticated attacker can gain remote code execution on the device with a crafted password parameter for the COOKIE header.

EPSS

Процентиль: 98%

0.66661

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-20