Описание
Cayin Signage Media Player 3.0 contains an authenticated remote command injection vulnerability in system.cgi and wizard_system.cgi pages. Attackers can exploit the 'NTP_Server_IP' parameter with default credentials to execute arbitrary shell commands as root.
Ссылки
EPSS
Процентиль: 62%
0.00434
Низкий
8.8 High
CVSS3
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 8.8
github
около 1 месяца назад
Cayin Signage Media Player 3.0 contains an authenticated remote command injection vulnerability in system.cgi and wizard_system.cgi pages. Attackers can exploit the 'NTP_Server_IP' parameter with default credentials to execute arbitrary shell commands as root.
EPSS
Процентиль: 62%
0.00434
Низкий
8.8 High
CVSS3
Дефекты
CWE-78