exploitDog

CVE-2017-7457

Опубликовано: 14 апр. 2017

Источник: nvd

CVSS3: 5

CVSS2: 1.9

EPSS Низкий

Описание

XML External Entity via ".AOP" files used by Moxa MX-AOPC Server 1.5 result in remote file disclosure.

Ссылки

http://hyp3rlinx.altervista.org/advisories/MOXA-MX-AOPC-SERVER-v1.5-XML-EXTERNAL-ENTITY.txt
Exploit
Third Party Advisory
http://seclists.org/fulldisclosure/2017/Apr/51
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/41852/
http://hyp3rlinx.altervista.org/advisories/MOXA-MX-AOPC-SERVER-v1.5-XML-EXTERNAL-ENTITY.txt
Exploit
Third Party Advisory
http://seclists.org/fulldisclosure/2017/Apr/51
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/41852/

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:moxa:mx-aopc_server:1.5:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00472

Низкий

5 Medium

CVSS3

1.9 Low

CVSS2

Дефекты

CWE-611

Связанные уязвимости

GHSA-fgq7-r9vw-5f86

CVSS3: 5

github

больше 3 лет назад

XML External Entity via ".AOP" files used by Moxa MX-AOPC Server 1.5 result in remote file disclosure.

EPSS

Процентиль: 64%

0.00472

Низкий

5 Medium

CVSS3

1.9 Low

CVSS2

Дефекты

CWE-611