Описание
Due to the lack of firmware authentication in the upgrade process of T&W WIFI Repeater BE126 devices, an attacker can craft a malicious firmware and use it as an update.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:twsz:be126_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:twsz:be126:-:*:*:*:*:*:*:*
EPSS
Процентиль: 41%
0.00188
Низкий
7.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-287
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
Due to the lack of firmware authentication in the upgrade process of T&W WIFI Repeater BE126 devices, an attacker can craft a malicious firmware and use it as an update.
EPSS
Процентиль: 41%
0.00188
Низкий
7.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-287