Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-rrxp-76v8-qm7m

Опубликовано: 11 мар. 2025
Источник: github
Github: Не прошло ревью
CVSS4: 2.1
CVSS3: 2.7

Описание

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly neutralize special characters when interpreting user controlled log paths. This could allow an authenticated highly-privileged remote attacker to execute a limited set of binaries that are already present on the filesystem.

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly neutralize special characters when interpreting user controlled log paths. This could allow an authenticated highly-privileged remote attacker to execute a limited set of binaries that are already present on the filesystem.

Ссылки

EPSS

Процентиль: 24%
0.00081
Низкий

2.1 Low

CVSS4

2.7 Low

CVSS3

CVE ID

CVE-2025-27398

Дефекты

CWE-78

Связанные уязвимости

nvd логотип

CVE-2025-27398

CVSS3: 2.7
nvd
11 месяцев назад

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly neutralize special characters when interpreting user controlled log paths. This could allow an authenticated highly-privileged remote attacker to execute a limited set of binaries that are already present on the filesystem.

fstec логотип

BDU:2025-02899

CVSS3: 2.7
fstec
11 месяцев назад

Уязвимость микропрограммного обеспечения промышленных коммутаторов Siemens Scalance LPE9403, существующая из-за непринятия мер по нейтрализации специальных элементов, позволяющая нарушителю оказать влияние на целостность, конфиденциальность и доступность защищаемой информации

EPSS

Процентиль: 24%
0.00081
Низкий

2.1 Low

CVSS4

2.7 Low

CVSS3

CVE ID

CVE-2025-27398

Дефекты

CWE-78