CVE-2016-10098

Опубликовано: 05 фев. 2017

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

An issue was discovered on SendQuick Entera and Avera devices before 2HF16. Multiple Command Injection vulnerabilities allow attackers to execute arbitrary system commands.

Ссылки

http://www.securityfocus.com/bid/96129
https://niantech.io/blog/2017/02/05/vulns-multiple-vulns-in-sendquick-entera-avera-sms-gateway-appliances/
Press/Media Coverage
Third Party Advisory
URL Repurposed
http://www.securityfocus.com/bid/96129
https://niantech.io/blog/2017/02/05/vulns-multiple-vulns-in-sendquick-entera-avera-sms-gateway-appliances/
Press/Media Coverage
Third Party Advisory
URL Repurposed

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:sendquick:entera_sms_gateway_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sendquick:entera_sms_gateway:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:sendquick:avera_sms_gateway_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sendquick:avera_sms_gateway:-:*:*:*:*:*:*:*

EPSS

Процентиль: 87%

0.03271

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-77

Связанные уязвимости

GHSA-34q4-48x9-q5fv