CVE-2017-11321

Опубликовано: 03 окт. 2017

Источник: nvd

CVSS3: 7.2

CVSS2: 6.5

EPSS Средний

Описание

The restricted shell interface in UCOPIA Wireless Appliance before 5.1.8 allows remote authenticated users to gain 'admin' privileges via shell metacharacters in the less command.

Ссылки

https://sysdream.com/news/lab/2017-09-29-cve-2017-11321-ucopia-wireless-appliance-5-1-8-restricted-shell-escape/
Exploit
https://www.exploit-db.com/exploits/42937/
Exploit
Third Party Advisory
VDB Entry
https://sysdream.com/news/lab/2017-09-29-cve-2017-11321-ucopia-wireless-appliance-5-1-8-restricted-shell-escape/
Exploit
https://www.exploit-db.com/exploits/42937/
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ucopia:wireless_appliance:*:*:*:*:*:*:*:*

Версия до 5.1.7 (включая)

EPSS

Процентиль: 93%

0.10482

Средний

7.2 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-78

Связанные уязвимости

GHSA-r776-7hjw-2qgf