Описание
goform/getWlanClientInfo in Orange AirBox Y858_FL_01.16_04 allows remote attackers to discover information about currently connected devices (hostnames, IP addresses, MAC addresses, and connection time) via the rand parameter.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:orange:airbox_firmware:y858_fl_01.16_04:*:*:*:*:*:*:*
cpe:2.3:h:orange:airbox:-:*:*:*:*:*:*:*
EPSS
Процентиль: 56%
0.00333
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
goform/getWlanClientInfo in Orange AirBox Y858_FL_01.16_04 allows remote attackers to discover information about currently connected devices (hostnames, IP addresses, MAC addresses, and connection time) via the rand parameter.
EPSS
Процентиль: 56%
0.00333
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200