exploitDog

GHSA-xq2v-rr62-286c

Опубликовано: 13 авг. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

KuWFi 5G01-X55 FL2020_V0.0.12 devices expose an unauthenticated API endpoint (ajax_get.cgi), allowing remote attackers to retrieve sensitive configuration data, including admin credentials.

KuWFi 5G01-X55 FL2020_V0.0.12 devices expose an unauthenticated API endpoint (ajax_get.cgi), allowing remote attackers to retrieve sensitive configuration data, including admin credentials.

Ссылки

EPSS

Процентиль: 21%

0.00067

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-200

Связанные уязвимости

CVE-2025-43988

CVSS3: 7.5

nvd

6 месяцев назад

KuWFi 5G01-X55 FL2020_V0.0.12 devices expose an unauthenticated API endpoint (ajax_get.cgi), allowing remote attackers to retrieve sensitive configuration data, including admin credentials.

EPSS

Процентиль: 21%

0.00067

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-200