CVE-2019-1010136

Опубликовано: 19 июл. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 7.8

EPSS Низкий

Описание

ChinaMobile GPN2.4P21-C-CN W2001EN-00 is affected by: Incorrect Access Control - Unauthenticated Remote Reboot. The impact is: PLC Wireless Router's are vulnerable to an unauthenticated remote reboot due. The component is: Reboot settings are available to unauthenticated users instead of only authenticaed users. The attack vector is: Remote.

Ссылки

https://www.exploit-db.com/exploits/45187/
Exploit
Third Party Advisory
VDB Entry
https://www.shodan.io/search?query=title%3APLC++pstVal-%3Evalue%3Ahtml%2Findex.html
Permissions Required
https://www.exploit-db.com/exploits/45187/
Exploit
Third Party Advisory
VDB Entry
https://www.shodan.io/search?query=title%3APLC++pstVal-%3Evalue%3Ahtml%2Findex.html
Permissions Required

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:chinamobileltd:gpn2.4p21-c-cn_firmware:w2001en-00:*:*:*:*:*:*:*

cpe:2.3:h:chinamobileltd:gpn2.4p21-c-cn:-:*:*:*:*:*:*:*

EPSS

Процентиль: 79%

0.01212

Низкий

7.5 High

CVSS3

7.8 High

CVSS2

Дефекты

CWE-306

Связанные уязвимости

GHSA-mg47-xx2w-pxfq

github

больше 3 лет назад