Описание
cgi-bin/rpcBridge in the web interface 1.1 on Broadcom Ltd PIPA C211 rev2 does not properly restrict access, which allows remote attackers to (1) obtain credentials and other sensitive information via a certain request to the config.getValuesHashExcludePaths method or (2) modify the firmware via unspecified vectors.
Ссылки
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:broadcom:pipa_c211_web_interface:1.1:*:*:*:*:*:*:*
cpe:2.3:h:broadcom:pipa_c211:-:rev2:*:*:*:*:*:*
EPSS
Процентиль: 94%
0.12322
Средний
9.7 Critical
CVSS2
Дефекты
CWE-310
Связанные уязвимости
github
больше 3 лет назад
cgi-bin/rpcBridge in the web interface 1.1 on Broadcom Ltd PIPA C211 rev2 does not properly restrict access, which allows remote attackers to (1) obtain credentials and other sensitive information via a certain request to the config.getValuesHashExcludePaths method or (2) modify the firmware via unspecified vectors.
EPSS
Процентиль: 94%
0.12322
Средний
9.7 Critical
CVSS2
Дефекты
CWE-310