Описание
The Administration console for Abyss Web Server 1.0.3 before Patch 2 allows remote attackers to gain privileges and modify server configuration via direct requests to CHL files such as (1) srvstatus.chl, (2) consport.chl, (3) general.chl, (4) srvparam.chl, and (5) advanced.chl.
Ссылки
- PatchVendor Advisory
- ExploitPatchVendor Advisory
- PatchVendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:aprelium_technologies:abyss_web_server:1.0:*:*:*:*:*:*:*
cpe:2.3:a:aprelium_technologies:abyss_web_server:1.0.3:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.01048
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
The Administration console for Abyss Web Server 1.0.3 before Patch 2 allows remote attackers to gain privileges and modify server configuration via direct requests to CHL files such as (1) srvstatus.chl, (2) consport.chl, (3) general.chl, (4) srvparam.chl, and (5) advanced.chl.
EPSS
Процентиль: 77%
0.01048
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other