exploitDog

CVE-2019-6961

Опубликовано: 20 июн. 2019

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

Incorrect access control in actionHandlerUtility.php in the RDK RDKB-20181217-1 WebUI module allows a logged in user to control DDNS, QoS, RIP, and other privileged configurations (intended only for the network operator) by sending an HTTP POST to the PHP backend, because the page filtering for non-superuser (in header.php) is done only for GET requests and not for direct AJAX calls.

Ссылки

https://dojo.bullguard.com/dojo-by-bullguard/blog/the-gateway-is-wide-open
Third Party Advisory
https://dojo.bullguard.com/dojo-by-bullguard/blog/the-gateway-is-wide-open
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:rdkcentral:rdkb_ccsppandm:rdkb-20181217-1:*:*:*:*:*:*:*

EPSS

Процентиль: 35%

0.00146

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-862

Связанные уязвимости

GHSA-xm7h-r43h-8xg2

CVSS3: 6.5

github

больше 3 лет назад

Incorrect access control in actionHandlerUtility.php in the RDK RDKB-20181217-1 WebUI module allows a logged in user to control DDNS, QoS, RIP, and other privileged configurations (intended only for the network operator) by sending an HTTP POST to the PHP backend, because the page filtering for non-superuser (in header.php) is done only for GET requests and not for direct AJAX calls.

EPSS

Процентиль: 35%

0.00146

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-862