Описание
An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05. By default, the device does not enforce any authentication. An adjacent attacker is able to use the network interface without proper access control.
Ссылки
- Permissions RequiredThird Party Advisory
- Permissions RequiredThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до ethernet_r07 (исключая)
Одновременно
cpe:2.3:o:vzug:combi-stream_mslq_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:vzug:combi-stream_mslq:-:*:*:*:*:*:*:*
Конфигурация 2Версия до wlan_r05 (исключая)
Одновременно
cpe:2.3:o:vzug:combi-stream_mslq_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:vzug:combi-stream_mslq:-:*:*:*:*:*:*:*
EPSS
Процентиль: 27%
0.00098
Низкий
8.8 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-306
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05. By default, the device does not enforce any authentication. An adjacent attacker is able to use the network interface without proper access control.
EPSS
Процентиль: 27%
0.00098
Низкий
8.8 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-306