Описание
Edimax EW-7438RPn-v3 Mini 1.27 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands through the /goform/mp endpoint. Attackers can exploit the vulnerability by sending crafted POST requests with command injection payloads to download and execute malicious scripts on the device.
Ссылки
- Product
- ExploitThird Party AdvisoryVDB Entry
- Broken Link
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:edimax:ew-7438rpn_mini_firmware:1.27:*:*:*:*:*:*:*
cpe:2.3:h:edimax:ew-7438rpn_mini:3:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.06301
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 9.8
github
5 месяцев назад
Edimax EW-7438RPn-v3 Mini 1.27 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands through the /goform/mp endpoint. Attackers can exploit the vulnerability by sending crafted POST requests with command injection payloads to download and execute malicious scripts on the device.
EPSS
Процентиль: 93%
0.06301
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-78