Описание
An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is Zolo Halo LAN remote code execution. The Zolo Halo Bluetooth speaker had a GoAhead web server listening on the port 80. The /httpapi.asp endpoint of the GoAhead web server was also vulnerable to multiple command execution vulnerabilities.
Ссылки
- ExploitThird Party Advisory
- Third Party Advisory
- Product
- ExploitThird Party Advisory
- Third Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:linkplay:linkplay:-:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.086
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-78
Связанные уязвимости
github
больше 3 лет назад
An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is Zolo Halo LAN remote code execution. The Zolo Halo Bluetooth speaker had a GoAhead web server listening on the port 80. The /httpapi.asp endpoint of the GoAhead web server was also vulnerable to multiple command execution vulnerabilities.
EPSS
Процентиль: 92%
0.086
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-78