Описание
A security issue was found in EdgePower 24V/54V firmware v1.7.0 and earlier where, due to missing CSRF protections, an attacker would have been able to perform unauthorized remote code execution.
Уязвимые конфигурации
Конфигурация 1Версия до 1.7.0 (включая)
Одновременно
cpe:2.3:o:ui:edgemax_edgepower_24v_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ui:edgemax_edgepower_24v:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 1.7.0 (включая)
Одновременно
cpe:2.3:o:ui:edgemax_edgepower_54v_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ui:edgemax_edgepower_54v:-:*:*:*:*:*:*:*
EPSS
Процентиль: 59%
0.00382
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-352
CWE-352
Связанные уязвимости
github
больше 3 лет назад
A security issue was found in EdgePower 24V/54V firmware v1.7.0 and earlier where, due to missing CSRF protections, an attacker would have been able to perform unauthorized remote code execution.
EPSS
Процентиль: 59%
0.00382
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-352
CWE-352