CVE-2017-6531

Опубликовано: 20 июл. 2017

Источник: nvd

CVSS3: 9.8

CVSS2: 5

EPSS Низкий

Описание

On Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20, the backup/restore feature lacks access control, related to ReadFile.cgi and LoadCfgFile.

Ссылки

https://www.tarlogic.com/advisories/Televes_CoaxData_Gateway_en.txt
Technical Description
Vendor Advisory
https://www.tarlogic.com/advisories/Televes_CoaxData_Gateway_es.txt
Technical Description
Vendor Advisory
https://www.tarlogic.com/advisories/Televes_CoaxData_Gateway_en.txt
Technical Description
Vendor Advisory
https://www.tarlogic.com/advisories/Televes_CoaxData_Gateway_es.txt
Technical Description
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:televes:coaxdata_gateway_1gbps_firmware:1.02.0014_4.20:*:*:*:*:*:*:*

cpe:2.3:h:televes:coaxdata_gateway_1gbps:-:*:*:*:*:*:*:*

EPSS

Процентиль: 75%

0.00856

Низкий

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-2rjr-rjm7-c6vp