Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-v773-rxxh-3x8r

Опубликовано: 29 нояб. 2022
Источник: github
Github: Не прошло ревью
CVSS3: 8.8

Описание

An access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software V4.1NA, V3.11.4, W2.1NA, V4.1SAA, C1.2.2 allows attackers to access sensitive data and execute specific commands and functions with full admin rights without authenticating allows him to perform multiple attacks, such as attacking wireless network in the product's range.

An access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software V4.1NA, V3.11.4, W2.1NA, V4.1SAA, C1.2.2 allows attackers to access sensitive data and execute specific commands and functions with full admin rights without authenticating allows him to perform multiple attacks, such as attacking wireless network in the product's range.

Ссылки

EPSS

Процентиль: 23%
0.00075
Низкий

8.8 High

CVSS3

CVE ID

CVE-2022-44037

Дефекты

CWE-284
CWE-287

Связанные уязвимости

nvd логотип

CVE-2022-44037

CVSS3: 8.8
nvd
около 3 лет назад

An access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software V4.1NA, V3.11.4, W2.1NA, V4.1SAA, C1.2.2 allows attackers to access sensitive data and execute specific commands and functions with full admin rights without authenticating allows him to perform multiple attacks, such as attacking wireless network in the product's range.

fstec логотип

BDU:2024-00877

CVSS3: 8.8
fstec
около 3 лет назад

Уязвимость программного обеспечения систем управления питанием ENERGY COMMUNICATION UNIT (ECU-C), связанная с недостатками разграничения доступа к коду сброса пароля, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 23%
0.00075
Низкий

8.8 High

CVSS3

CVE ID

CVE-2022-44037

Дефекты

CWE-284
CWE-287