Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-8101

Опубликовано: 02 фев. 2021
Источник: nvd
CVSS3: 6.9
CVSS3: 8.8
CVSS2: 8.3
EPSS Низкий

Описание

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in HTTP interface of ADT LifeShield DIY HD Video Doorbell allows an attacker on the same network to execute commands on the device. This issue affects: ADT LifeShield DIY HD Video Doorbell version 1.0.02R09 and prior versions.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:adt:lifeshield_diy_hd_video_doorbell_firmware:*:*:*:*:*:*:*:*
Версия до 1.0.02r09 (включая)
cpe:2.3:h:adt:lifeshield_diy_hd_video_doorbell:-:*:*:*:*:*:*:*

EPSS

Процентиль: 67%
0.00547
Низкий

6.9 Medium

CVSS3

8.8 High

CVSS3

8.3 High

CVSS2

Дефекты

CWE-77
CWE-77

Связанные уязвимости

github логотип

GHSA-v354-qw54-4f78

github
больше 3 лет назад

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in HTTP interface of ADT LifeShield DIY HD Video Doorbell allows an attacker on the same network to execute commands on the device. This issue affects: ADT LifeShield DIY HD Video Doorbell version 1.0.02R09 and prior versions.

EPSS

Процентиль: 67%
0.00547
Низкий

6.9 Medium

CVSS3

8.8 High

CVSS3

8.3 High

CVSS2

Дефекты

CWE-77
CWE-77