Описание
A certain ActiveX control in fwRemoteCfg.dll 3.3.3.1 in Friendly Technologies FriendlyPPPoE Client 3.0.0.57 allows remote attackers to (1) create and read arbitrary registry values via the RegistryValue method, and (2) read arbitrary files via the GetTextFile method.
Ссылки
- Vendor Advisory
- Exploit
- Vendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:friendly_technologies:friendly_pppoe_client:3.0.0.57:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.11445
Средний
9.3 Critical
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
почти 4 года назад
A certain ActiveX control in fwRemoteCfg.dll 3.3.3.1 in Friendly Technologies FriendlyPPPoE Client 3.0.0.57 allows remote attackers to (1) create and read arbitrary registry values via the RegistryValue method, and (2) read arbitrary files via the GetTextFile method.
EPSS
Процентиль: 93%
0.11445
Средний
9.3 Critical
CVSS2
Дефекты
CWE-20