exploitDog

GHSA-ppwh-v8g5-pg9c

Опубликовано: 19 авг. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

A Command Injection vulnerability exists in the do_upgrade_post function of the httpd binary in Linksys E1500 v1.0.06.001. As a result, an authenticated attacker can execute OS commands with root privileges.

A Command Injection vulnerability exists in the do_upgrade_post function of the httpd binary in Linksys E1500 v1.0.06.001. As a result, an authenticated attacker can execute OS commands with root privileges.

Ссылки

EPSS

Процентиль: 87%

0.03339

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-78

Связанные уязвимости

CVE-2024-42633

CVSS3: 8.8

nvd

больше 1 года назад

A Command Injection vulnerability exists in the do_upgrade_post function of the httpd binary in Linksys E1500 v1.0.06.001. As a result, an authenticated attacker can execute OS commands with root privileges.

EPSS

Процентиль: 87%

0.03339

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-78