Описание
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the bssid parameter.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.13.11 (исключая)
Одновременно
cpe:2.3:o:amazon:blink_xt2_sync_module_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amazon:blink_xt2_sync_module:-:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00731
Низкий
8.8 High
CVSS3
8.3 High
CVSS2
Дефекты
CWE-78
Связанные уязвимости
github
больше 3 лет назад
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the bssid parameter.
EPSS
Процентиль: 72%
0.00731
Низкий
8.8 High
CVSS3
8.3 High
CVSS2
Дефекты
CWE-78