Описание
The Manager in Eye-Fi 1.1.2 generates predictable snonce values based on the time of day, which allows remote attackers to bypass authentication and upload arbitrary images by guessing the snonce.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:eye.fi:eye-fi_manager:1.1.2:*:*:*:*:*:*:*
EPSS
Процентиль: 61%
0.00409
Низкий
5 Medium
CVSS2
Дефекты
CWE-310
Связанные уязвимости
github
больше 3 лет назад
The Manager in Eye-Fi 1.1.2 generates predictable snonce values based on the time of day, which allows remote attackers to bypass authentication and upload arbitrary images by guessing the snonce.
EPSS
Процентиль: 61%
0.00409
Низкий
5 Medium
CVSS2
Дефекты
CWE-310