Описание
Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to authenticated remote code execution via the backup functionality of the web frontend. This can be combined with CVE-2020-10794 for remote root access.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:gira:tks-ip-gateway_firmware:4.0.7.7:*:*:*:*:*:*:*
cpe:2.3:h:gira:tks-ip-gateway:-:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04757
Низкий
7.2 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-78
Связанные уязвимости
github
больше 3 лет назад
Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to authenticated remote code execution via the backup functionality of the web frontend. This can be combined with CVE-2020-10794 for remote root access.
EPSS
Процентиль: 89%
0.04757
Низкий
7.2 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-78