Описание
Post Oak AWAM Bluetooth Field Device 7400v2.08.21.2018, 7800SD.2015.1.16, 2011.3, 7400v2.02.01.2019, and 7800SD.2012.12.5 is vulnerable to injections of operating system commands through timeconfig.py via shell metacharacters in the htmlNtpServer parameter.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:o:postoaktraffic:awam_bluetooth_field_device_firmware:2011.3:*:*:*:*:*:*:*
cpe:2.3:o:postoaktraffic:awam_bluetooth_field_device_firmware:7400v2.02.01.2019:*:*:*:*:*:*:*
cpe:2.3:o:postoaktraffic:awam_bluetooth_field_device_firmware:7400v2.08.21.2018:*:*:*:*:*:*:*
cpe:2.3:o:postoaktraffic:awam_bluetooth_field_device_firmware:7800sd.2012.12.5:*:*:*:*:*:*:*
cpe:2.3:o:postoaktraffic:awam_bluetooth_field_device_firmware:7800sd.2015.1.16:*:*:*:*:*:*:*
cpe:2.3:h:postoaktraffic:awam_bluetooth_field_device:-:*:*:*:*:*:*:*
EPSS
Процентиль: 58%
0.00371
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-78
Связанные уязвимости
github
больше 3 лет назад
Post Oak AWAM Bluetooth Field Device 7400v2.08.21.2018, 7800SD.2015.1.16, 2011.3, 7400v2.02.01.2019, and 7800SD.2012.12.5 is vulnerable to injections of operating system commands through timeconfig.py via shell metacharacters in the htmlNtpServer parameter.
EPSS
Процентиль: 58%
0.00371
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-78