exploitDog

GHSA-rjx4-6pxq-6pqg

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.5

Описание

The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows local users (e.g., users who have command access as a consequence of CVE-2017-9479 exploitation) to read arbitrary files via UPnP access to /var/IGD/.

The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows local users (e.g., users who have command access as a consequence of CVE-2017-9479 exploitation) to read arbitrary files via UPnP access to /var/IGD/.

Ссылки

EPSS

Процентиль: 19%

0.00059

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-200

Связанные уязвимости

CVE-2017-9480

CVSS3: 5.5

nvd

больше 8 лет назад

The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows local users (e.g., users who have command access as a consequence of CVE-2017-9479 exploitation) to read arbitrary files via UPnP access to /var/IGD/.

EPSS

Процентиль: 19%

0.00059

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-200