exploitDog

CVE-2015-2866

Опубликовано: 08 июл. 2015

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability on the Grandstream GXV3611_HD camera with firmware before 1.0.3.9 beta allows remote attackers to execute arbitrary SQL commands by attempting to establish a TELNET session with a crafted username.

Ссылки

http://www.kb.cert.org/vuls/id/253708
Third Party Advisory
US Government Resource
https://www.exploit-db.com/exploits/40441/
http://www.kb.cert.org/vuls/id/253708
Third Party Advisory
US Government Resource
https://www.exploit-db.com/exploits/40441/

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:grandstream:gxv3611_hd_firmware:*:*:*:*:*:*:*:*

Версия до 1.0.3.6 (включая)

cpe:2.3:h:grandstream:gxv3611_hd:*:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.03623

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-hp4h-r728-m6xf

github

больше 3 лет назад

SQL injection vulnerability on the Grandstream GXV3611_HD camera with firmware before 1.0.3.9 beta allows remote attackers to execute arbitrary SQL commands by attempting to establish a TELNET session with a crafted username.

EPSS

Процентиль: 88%

0.03623

Низкий

7.5 High

CVSS2

Дефекты

CWE-89