Описание
Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands via SOAP interface of UPnP.
Ссылки
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.1.1 (включая)
Одновременно
cpe:2.3:o:nec:aterm_wf1200cr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nec:aterm_wf1200cr:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 1.0.1 (включая)
Одновременно
cpe:2.3:o:nec:aterm_wg1200cr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nec:aterm_wg1200cr:-:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.00315
Низкий
8.8 High
CVSS3
8.3 High
CVSS2
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands via SOAP interface of UPnP.
EPSS
Процентиль: 54%
0.00315
Низкий
8.8 High
CVSS3
8.3 High
CVSS2
Дефекты
CWE-78