Описание
AeroAdmin 4.1 uses an insecure protocol (HTTP) to perform software updates. An attacker can hijack an update via man-in-the-middle in order to execute code in the machine.
Ссылки
- ExploitVendor Advisory
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:aeroadmin:aeroadmin:4.1:*:*:*:*:*:*:*
EPSS
Процентиль: 76%
0.00955
Низкий
8.1 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-444
Связанные уязвимости
CVSS3: 8.1
github
больше 3 лет назад
AeroAdmin 4.1 uses an insecure protocol (HTTP) to perform software updates. An attacker can hijack an update via man-in-the-middle in order to execute code in the machine.
EPSS
Процентиль: 76%
0.00955
Низкий
8.1 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-444