Описание
V-SOL GPON/EPON OLT Platform v2.03 contains a privilege escalation vulnerability that allows normal users to gain administrative access by manipulating the user role parameter. Attackers can send a crafted HTTP POST request to the user management endpoint with 'user_role_mod' set to integer value '1' to elevate their privileges.
EPSS
Процентиль: 28%
0.00099
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-863
Связанные уязвимости
CVSS3: 9.8
github
около 1 месяца назад
V-SOL GPON/EPON OLT Platform v2.03 contains a privilege escalation vulnerability that allows normal users to gain administrative access by manipulating the user role parameter. Attackers can send a crafted HTTP POST request to the user management endpoint with 'user_role_mod' set to integer value '1' to elevate their privileges.
EPSS
Процентиль: 28%
0.00099
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-863