exploitDog

CVE-2013-3688

Опубликовано: 01 окт. 2013

Источник: nvd

CVSS2: 7.1

EPSS Низкий

Описание

The TP-Link IP Cameras TL-SC3171, TL-SC3130, TL-SC3130G, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12_sign6, does not properly restrict access to certain administrative functions, which allows remote attackers to (1) cause a denial of service (device reboot) via a request to cgi-bin/reboot or (2) cause a denial of service (reboot and reset to factory defaults) via a request to cgi-bin/hardfactorydefault.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:h:tp-link:tl-sc3130:-:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:tl-sc3130g:-:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:tl-sc3171:-:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:tl-sc3171g:-:*:*:*:*:*:*:*

cpe:2.3:o:tp-link:lm_firmware:*:*:*:*:*:*:*:*

Версия до 1.6.18p12_sign5 (включая)

EPSS

Процентиль: 70%

0.00625

Низкий

7.1 High

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-4fp4-rcxf-pqf5

github

больше 3 лет назад

The TP-Link IP Cameras TL-SC3171, TL-SC3130, TL-SC3130G, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12_sign6, does not properly restrict access to certain administrative functions, which allows remote attackers to (1) cause a denial of service (device reboot) via a request to cgi-bin/reboot or (2) cause a denial of service (reboot and reset to factory defaults) via a request to cgi-bin/hardfactorydefault.

EPSS

Процентиль: 70%

0.00625

Низкий

7.1 High

CVSS2

Дефекты

CWE-264