Описание
An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to /hy-cgi/devices.cgi?cmd=searchlandevice. The crash completely freezes the device.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:o:conceptronic:cipcamptiwl_firmware:00.30.01.0047p3:*:*:*:*:*:*:*
cpe:2.3:o:conceptronic:cipcamptiwl_web_firmware:0.61.30.21:*:*:*:*:*:*:*
cpe:2.3:h:conceptronic:cipcamptiwl:3:*:*:*:*:*:*:*
EPSS
Процентиль: 96%
0.22187
Средний
7.5 High
CVSS3
7.8 High
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to /hy-cgi/devices.cgi?cmd=searchlandevice. The crash completely freezes the device.
EPSS
Процентиль: 96%
0.22187
Средний
7.5 High
CVSS3
7.8 High
CVSS2
Дефекты
CWE-20