exploitDog

GHSA-v8h2-p73v-3whx

Опубликовано: 11 нояб. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities.

EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities.

Ссылки

EPSS

Процентиль: 73%

0.00782

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-78

Связанные уязвимости

CVE-2024-36061

CVSS3: 9.8

nvd

около 1 года назад

EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities.

EPSS

Процентиль: 73%

0.00782

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-78