Описание
PHICOMM K2(PSG1218) devices V22.5.11.5 and earlier allow unauthenticated remote code execution via a request to an unspecified ASP script; alternatively, the attacker can leverage unauthenticated access to this script to trigger a reboot via an ifType=reboot action.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 22.5.11.5 (включая)
Одновременно
cpe:2.3:o:phicomm:k2\(psg1218\)-firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phicomm:k2\(psg1218\):-:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02633
Низкий
9.8 Critical
CVSS3
9 Critical
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
PHICOMM K2(PSG1218) devices V22.5.11.5 and earlier allow unauthenticated remote code execution via a request to an unspecified ASP script; alternatively, the attacker can leverage unauthenticated access to this script to trigger a reboot via an ifType=reboot action.
EPSS
Процентиль: 85%
0.02633
Низкий
9.8 Critical
CVSS3
9 Critical
CVSS2
Дефекты
CWE-20