Описание
Winston 1.5.4 devices have an SSH user account with access from bastion hosts. This is undocumented in device documents and is not announced to the user.
Ссылки
- ExploitThird Party Advisory
- Product
- ExploitThird Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:winstonprivacy:winston_firmware:1.5.4:*:*:*:*:*:*:*
cpe:2.3:h:winstonprivacy:winston:-:*:*:*:*:*:*:*
EPSS
Процентиль: 60%
0.00398
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
github
больше 3 лет назад
Winston 1.5.4 devices have an SSH user account with access from bastion hosts. This is undocumented in device documents and is not announced to the user.
EPSS
Процентиль: 60%
0.00398
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
NVD-CWE-noinfo