Описание
The FTP proxy server in Apple AirPort Express, AirPort Extreme, and Time Capsule with firmware 7.5 does not restrict the IP address and port specified in a PORT command from a client, which allows remote attackers to leverage intranet FTP servers for arbitrary TCP forwarding via a crafted PORT command.
Ссылки
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:h:apple:airport_express:7.5:*:*:*:*:*:*:*
cpe:2.3:h:apple:airport_extreme:7.5:*:*:*:*:*:*:*
cpe:2.3:h:apple:time_capsule:7.5:*:*:*:*:*:*:*
EPSS
Процентиль: 57%
0.00357
Низкий
5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
The FTP proxy server in Apple AirPort Express, AirPort Extreme, and Time Capsule with firmware 7.5 does not restrict the IP address and port specified in a PORT command from a client, which allows remote attackers to leverage intranet FTP servers for arbitrary TCP forwarding via a crafted PORT command.
EPSS
Процентиль: 57%
0.00357
Низкий
5 Medium
CVSS2
Дефекты
CWE-264