exploitDog

CVE-2020-14069

Опубликовано: 29 июн. 2020

Источник: nvd

CVSS3: 6.8

CVSS2: 4.6

EPSS Низкий

Описание

An issue was discovered in MK-AUTH 19.01. There are SQL injection issues in mkt/ PHP scripts, as demonstrated by arp.php, dhcp.php, hotspot.php, ip.php, pgaviso.php, pgcorte.php, pppoe.php, queues.php, and wifi.php.

Ссылки

http://mk-auth.com.br/page/changelog-1
Vendor Advisory
https://gist.github.com/merhawi023/a1155913df3cf0c17971b0fb7dcd8f20
Third Party Advisory
http://mk-auth.com.br/page/changelog-1
Vendor Advisory
https://gist.github.com/merhawi023/a1155913df3cf0c17971b0fb7dcd8f20
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mk-auth:mk-auth:19.01:*:*:*:*:*:*:*

EPSS

Процентиль: 34%

0.00137

Низкий

6.8 Medium

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-4q9j-rxq5-9m9j

github

больше 3 лет назад

An issue was discovered in MK-AUTH 19.01. There are SQL injection issues in mkt/ PHP scripts, as demonstrated by arp.php, dhcp.php, hotspot.php, ip.php, pgaviso.php, pgcorte.php, pppoe.php, queues.php, and wifi.php.

EPSS

Процентиль: 34%

0.00137

Низкий

6.8 Medium

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-89