Описание
Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices using firmware version 5.1.x before 5.1.13 allows authenticated remote attackers to escape the shell and escalate their privileges by adding a LocalCommand to the SSH configuration file in the user home folder.
Уязвимые конфигурации
Конфигурация 1Версия от 5.1.0 (включая) до 5.1.13 (включая)
Одновременно
cpe:2.3:o:ucopia:wireless_appliance_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ucopia:wireless_appliance:-:*:*:*:*:*:*:*
EPSS
Процентиль: 73%
0.00756
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices using firmware version 5.1.x before 5.1.13 allows authenticated remote attackers to escape the shell and escalate their privileges by adding a LocalCommand to the SSH configuration file in the user home folder.
EPSS
Процентиль: 73%
0.00756
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-78