Описание
Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site.
Ссылки
- Third Party Advisory
- ExploitPatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- ExploitPatchThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Одно из
EPSS
9.6 Critical
CVSS3
9.3 Critical
CVSS2
Дефекты
Связанные уязвимости
Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site.
Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use ...
Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site.
EPSS
9.6 Critical
CVSS3
9.3 Critical
CVSS2