Описание
PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) may allow an attacker to be able to change the password for an admin user who is currently or previously logged in, provided the device has not been restarted.
Ссылки
- MitigationThird Party AdvisoryUS Government Resource
- MitigationThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до r02 (исключая)
Одновременно
cpe:2.3:o:kunbus:pr100088_modbus_gateway_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:kunbus:pr100088_modbus_gateway:-:*:*:*:*:*:*:*
EPSS
Процентиль: 52%
0.00296
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-287
CWE-287
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) may allow an attacker to be able to change the password for an admin user who is currently or previously logged in, provided the device has not been restarted.
EPSS
Процентиль: 52%
0.00296
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-287
CWE-287