CVE-2019-18385

Опубликовано: 23 окт. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered on TerraMaster FS-210 4.0.19 devices. An unauthenticated attacker can download log files via the include/makecvs.php?Event= substring.

Ссылки

https://github.com/gusrmsdlrh/CVE-Reserved3/blob/master/README.md
Exploit
Third Party Advisory
https://github.com/gusrmsdlrh/CVE-Reserved3/blob/master/README.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:terra-master:fs-210_firmware:4.0.19:*:*:*:*:*:*:*

cpe:2.3:h:terra-master:fs-210:-:*:*:*:*:*:*:*

EPSS

Процентиль: 71%

0.00714

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-532

Связанные уязвимости

GHSA-xw65-r59v-qpqc