Описание
The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, does not require setting a password for the FTP server that stores database backups, which makes it easier for remote attackers to download backup files via unspecified FTP requests.
Ссылки
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:h:s2sys:netbox:2.5:*:*:*:*:*:*:*
cpe:2.3:h:s2sys:netbox:3.3:*:*:*:*:*:*:*
cpe:2.3:h:s2sys:netbox:4.0:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:h:linearcorp:emerge_50:*:*:*:*:*:*:*:*
cpe:2.3:h:linearcorp:emerge_5000:*:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:h:sonitrol:eaccess:*:*:*:*:*:*:*:*
EPSS
Процентиль: 65%
0.00485
Низкий
5 Medium
CVSS2
Дефекты
CWE-255
Связанные уязвимости
github
больше 3 лет назад
The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, does not require setting a password for the FTP server that stores database backups, which makes it easier for remote attackers to download backup files via unspecified FTP requests.
EPSS
Процентиль: 65%
0.00485
Низкий
5 Medium
CVSS2
Дефекты
CWE-255