CVE-2014-8872

Опубликовано: 29 авг. 2017

Источник: nvd

CVSS3: 7.8

CVSS2: 9.3

EPSS Низкий

Описание

Improper Verification of Cryptographic Signature in AVM FRITZ!Box 6810 LTE after firmware 5.22, FRITZ!Box 6840 LTE after firmware 5.23, and other models with firmware 5.50.

Ссылки

http://packetstormsecurity.com/files/130040/AVM-FRITZ-Box-Firmware-Signature-Bypass.html
Exploit
Third Party Advisory
VDB Entry
http://seclists.org/fulldisclosure/2015/Jan/86
Exploit
Mailing List
Third Party Advisory
http://www.securityfocus.com/archive/1/534522/100/0/threaded
http://packetstormsecurity.com/files/130040/AVM-FRITZ-Box-Firmware-Signature-Bypass.html
Exploit
Third Party Advisory
VDB Entry
http://seclists.org/fulldisclosure/2015/Jan/86
Exploit
Mailing List
Third Party Advisory
http://www.securityfocus.com/archive/1/534522/100/0/threaded

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:avm:fritz\!box_6810_lte_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:avm:fritz\!box_6810_lte:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:avm:fritz\!box_6840_lte_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:avm:fritz\!box_6840_lte:-:*:*:*:*:*:*:*

EPSS

Процентиль: 34%

0.00139

Низкий

7.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-94

Связанные уязвимости

GHSA-2h3v-8xgc-fcxp