Описание
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the encryption parameter.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.13.11 (исключая)
Одновременно
cpe:2.3:o:amazon:blink_xt2_sync_module_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amazon:blink_xt2_sync_module:-:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.0054
Низкий
8.8 High
CVSS3
8.3 High
CVSS2
Дефекты
CWE-78
Связанные уязвимости
github
больше 3 лет назад
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the encryption parameter.
EPSS
Процентиль: 67%
0.0054
Низкий
8.8 High
CVSS3
8.3 High
CVSS2
Дефекты
CWE-78