Описание
An issue was discovered on Cayin SMP-PRO4 devices. A user can discover a saved password by viewing the URL after a Connection String Test. This password is shown in the webpass parameter of a media_folder.cgi?apply_mode=ping_server URI.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:cayintech:smp-pro4_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cayintech:smp-pro4:-:*:*:*:*:*:*:*
EPSS
Процентиль: 57%
0.00356
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
An issue was discovered on Cayin SMP-PRO4 devices. A user can discover a saved password by viewing the URL after a Connection String Test. This password is shown in the webpass parameter of a media_folder.cgi?apply_mode=ping_server URI.
EPSS
Процентиль: 57%
0.00356
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-200