exploitDog

CVE-2018-15657

Опубликовано: 05 фев. 2019

Источник: nvd

CVSS3: 7.3

CVSS2: 1.9

EPSS Низкий

Описание

An SSRF issue was discovered in 42Gears SureMDM before 2018-11-27 via the /api/DownloadUrlResponse.ashx "url" parameter.

Ссылки

https://research.digitalinterruption.com/2019/01/31/multiple-vulnerabilities-found-in-mobile-device-management-software/
Exploit
Third Party Advisory
https://www.exploit-db.com/exploits/46305/
Exploit
Third Party Advisory
VDB Entry
https://research.digitalinterruption.com/2019/01/31/multiple-vulnerabilities-found-in-mobile-device-management-software/
Exploit
Third Party Advisory
https://www.exploit-db.com/exploits/46305/
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:42gears:suremdm:*:*:*:*:*:*:*:*

Версия до 2018-11-27 (исключая)

EPSS

Процентиль: 91%

0.07182

Низкий

7.3 High

CVSS3

1.9 Low

CVSS2

Дефекты

CWE-918

Связанные уязвимости

GHSA-j963-vc5v-49cp

CVSS3: 7.3

github

больше 3 лет назад

An SSRF issue was discovered in 42Gears SureMDM before 2018-11-27 via the /api/DownloadUrlResponse.ashx "url" parameter.

EPSS

Процентиль: 91%

0.07182

Низкий

7.3 High

CVSS3

1.9 Low

CVSS2

Дефекты

CWE-918