Описание
devolo dLAN 500 AV Wireless+ 3.1.0-1 contains an authentication bypass vulnerability that allows attackers to enable hidden services through the htmlmgr CGI script. Attackers can enable telnet and remote shell services, reboot the device, and gain root access without a password by manipulating system configuration parameters.
EPSS
Процентиль: 30%
0.00113
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-266
Связанные уязвимости
CVSS3: 9.8
github
около 1 месяца назад
devolo dLAN 500 AV Wireless+ 3.1.0-1 contains an authentication bypass vulnerability that allows attackers to enable hidden services through the htmlmgr CGI script. Attackers can enable telnet and remote shell services, reboot the device, and gain root access without a password by manipulating system configuration parameters.
EPSS
Процентиль: 30%
0.00113
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-266