Описание
The Port Forwarding functionality on DASAN H660GW devices allows remote attackers to execute arbitrary code via shell metacharacters in the cgi-bin/adv_nat_virsvr.asp Addr parameter (aka the Local IP Address field).
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:dasannetworks:h660gw_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dasannetworks:h660gw:-:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04642
Низкий
7.2 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 7.2
github
больше 3 лет назад
The Port Forwarding functionality on DASAN H660GW devices allows remote attackers to execute arbitrary code via shell metacharacters in the cgi-bin/adv_nat_virsvr.asp Addr parameter (aka the Local IP Address field).
EPSS
Процентиль: 89%
0.04642
Низкий
7.2 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-78