Описание
Teradek VidiU Pro 3.0.3 contains a server-side request forgery vulnerability in the management interface that allows attackers to manipulate GET parameters 'url' and 'xml_url'. Attackers can exploit this flaw to bypass firewalls, initiate network enumeration, and potentially trigger external HTTP requests to arbitrary destinations.
EPSS
Процентиль: 10%
0.00035
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-918
Связанные уязвимости
CVSS3: 5.3
github
около 1 месяца назад
Teradek VidiU Pro 3.0.3 contains a server-side request forgery vulnerability in the management interface that allows attackers to manipulate GET parameters 'url' and 'xml_url'. Attackers can exploit this flaw to bypass firewalls, initiate network enumeration, and potentially trigger external HTTP requests to arbitrary destinations.
EPSS
Процентиль: 10%
0.00035
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-918