Описание
A vulnerability classified as critical has been found in Cardo Systems Scala Rider Q3. Affected is the file /cardo/api of the Cardo-Updater. Unauthenticated remote code execution with root permissions is possible. Firewalling or disabling the service is recommended.
Ссылки
- ExploitThird Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:cardosystems:scala_rider_q3_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cardosystems:scala_rider_q3:-:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04912
Низкий
8.1 High
CVSS3
8.8 High
CVSS3
8.3 High
CVSS2
Дефекты
CWE-269
CWE-269
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
A vulnerability classified as critical has been found in Cardo Systems Scala Rider Q3. Affected is the file /cardo/api of the Cardo-Updater. Unauthenticated remote code execution with root permissions is possible. Firewalling or disabling the service is recommended.
EPSS
Процентиль: 89%
0.04912
Низкий
8.1 High
CVSS3
8.8 High
CVSS3
8.3 High
CVSS2
Дефекты
CWE-269
CWE-269