Описание
The web server on Western Digital TV Media Player 1.03.07 and TV Live Hub 3.12.13 allow unauthenticated remote attackers to execute arbitrary code or cause denial of service via crafted HTTP requests to toServerValue.cgi.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:westerndigital:tv_live_hub_firmware:3.12.13:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:tv_live_hub:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:westerndigital:tv_media_player_firmware:1.03.07:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:tv_media_player:-:*:*:*:*:*:*:*
EPSS
Процентиль: 96%
0.25325
Средний
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
The web server on Western Digital TV Media Player 1.03.07 and TV Live Hub 3.12.13 allow unauthenticated remote attackers to execute arbitrary code or cause denial of service via crafted HTTP requests to toServerValue.cgi.
EPSS
Процентиль: 96%
0.25325
Средний
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-119