CVE-2016-7811

Опубликовано: 09 июн. 2017

Источник: nvd

CVSS3: 8.8

CVSS2: 5.8

EPSS Низкий

Описание

Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows an attacker on the same network segment to bypass access restriction to perform arbitrary operations via unspecified vectors.

Ссылки

http://corega.jp/support/security/20161111_wlr300nx.htm
Third Party Advisory
http://www.securityfocus.com/bid/94248
Third Party Advisory
VDB Entry
https://jvn.jp/en/jp/JVN23549283/index.html
Third Party Advisory
VDB Entry
http://corega.jp/support/security/20161111_wlr300nx.htm
Third Party Advisory
http://www.securityfocus.com/bid/94248
Third Party Advisory
VDB Entry
https://jvn.jp/en/jp/JVN23549283/index.html
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:corega:cg-wlr300nx_firmware:*:*:*:*:*:*:*:*

Версия до 1.20 (включая)

cpe:2.3:h:corega:cg-wlr300nx:-:*:*:*:*:*:*:*

EPSS

Процентиль: 22%

0.00071

Низкий

8.8 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-284

Связанные уязвимости

GHSA-wqr8-ffc3-cx2r