Описание
Command Injection in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows authenticated remote attackers to execute arbitrary commands with root user privileges.
Комментарий
The products as shown in the CPE configuration are placeholders for each product series.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:amino:ak45x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amino:ak45x:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:amino:ak5xx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amino:ak5xx:-:*:*:*:*:*:*:*
Конфигурация 3
Одновременно
cpe:2.3:o:amino:ak65x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amino:ak65x:-:*:*:*:*:*:*:*
Конфигурация 4
Одновременно
cpe:2.3:o:amino:aria6xx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amino:aria6xx:-:*:*:*:*:*:*:*
Конфигурация 5
Одновременно
cpe:2.3:o:amino:aria7xx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amino:aria7xx:-:*:*:*:*:*:*:*
Конфигурация 6
Одновременно
cpe:2.3:o:amino:kami7b_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amino:kami7b:-:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.08336
Низкий
9.9 Critical
CVSS3
9 Critical
CVSS2
Дефекты
CWE-74
Связанные уязвимости
github
больше 3 лет назад
Command Injection in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows authenticated remote attackers to execute arbitrary commands with root user privileges.
EPSS
Процентиль: 92%
0.08336
Низкий
9.9 Critical
CVSS3
9 Critical
CVSS2
Дефекты
CWE-74