exploitDog

GHSA-pqf8-45f6-3rgv

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. After logging into the portal as a root user (using any web browser), the portal can be accessed with root privileges when the URI cgi-bin/csp?cspid={XXXXXXXXXX}&csppage=cgi_PgOverview&csplang=en is visited from a different web browser.

An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. After logging into the portal as a root user (using any web browser), the portal can be accessed with root privileges when the URI cgi-bin/csp?cspid={XXXXXXXXXX}&csppage=cgi_PgOverview&csplang=en is visited from a different web browser.

Ссылки

EPSS

Процентиль: 67%

0.00536

Низкий

CVE ID

Дефекты

CWE-287

Связанные уязвимости

CVE-2020-29127

CVSS3: 9.8

nvd

около 5 лет назад

An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. After logging into the portal as a root user (using any web browser), the portal can be accessed with root privileges when the URI cgi-bin/csp?cspid={XXXXXXXXXX}&csppage=cgi_PgOverview&csplang=en is visited from a different web browser.

EPSS

Процентиль: 67%

0.00536

Низкий

CVE ID

Дефекты

CWE-287