Описание
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, an authenticated web user can pipe commands directly to the underlying operating system as user input is not sanitized in networkdiags.php.
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, an authenticated web user can pipe commands directly to the underlying operating system as user input is not sanitized in networkdiags.php.
EPSS
Процентиль: 76%
0.00933
Низкий
CVE ID
Связанные уязвимости
CVSS3: 8.8
nvd
почти 7 лет назад
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, an authenticated web user can pipe commands directly to the underlying operating system as user input is not sanitized in networkdiags.php.
EPSS
Процентиль: 76%
0.00933
Низкий