Описание
The EnGenius EWS660AP router with firmware 2.0.284 allows an attacker to execute arbitrary commands using the built-in ping and traceroute utilities by using different payloads and injecting multiple parameters. This vulnerability is fixed in a later firmware version.
Ссылки
- ExploitThird Party Advisory
- ProductVendor Advisory
- ExploitThird Party Advisory
- ProductVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:engeniustech:ews660ap_firmware:2.0.284:*:*:*:*:*:*:*
cpe:2.3:h:engeniustech:ews660ap:-:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02451
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-78
Связанные уязвимости
github
больше 3 лет назад
The EnGenius EWS660AP router with firmware 2.0.284 allows an attacker to execute arbitrary commands using the built-in ping and traceroute utilities by using different payloads and injecting multiple parameters. This vulnerability is fixed in a later firmware version.
EPSS
Процентиль: 85%
0.02451
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-78