Описание
The Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote attackers to read arbitrary files by leveraging failure to restrict URL access.
Ссылки
- Mailing ListThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 6.24.004 (исключая)
Одновременно
cpe:2.3:o:meinbergglobal:lantime_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:meinbergglobal:lantime:-:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.09187
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
The Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote attackers to read arbitrary files by leveraging failure to restrict URL access.
EPSS
Процентиль: 92%
0.09187
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-200