exploitDog

CVE-2009-0695

Опубликовано: 19 июн. 2012

Источник: nvd

CVSS2: 7.5

EPSS Средний

Описание

hagent.exe in Wyse Device Manager (WDM) 4.7.x does not require authentication for commands, which allows remote attackers to obtain management access via a crafted query, as demonstrated by a V52 query that triggers a power-off action.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:dell:wyse_device_manager:4.7.0:*:*:*:*:*:*:*

cpe:2.3:a:dell:wyse_device_manager:4.7.1:*:*:*:*:*:*:*

cpe:2.3:a:dell:wyse_device_manager:4.7.2:*:*:*:*:*:*:*

EPSS

Процентиль: 98%

0.64232

Средний

7.5 High

CVSS2

Дефекты

CWE-287

Связанные уязвимости

GHSA-m3cg-wrvh-hrx5

github

почти 4 года назад

hagent.exe in Wyse Device Manager (WDM) 4.7.x does not require authentication for commands, which allows remote attackers to obtain management access via a crafted query, as demonstrated by a V52 query that triggers a power-off action.

EPSS

Процентиль: 98%

0.64232

Средний

7.5 High

CVSS2

Дефекты

CWE-287