Описание
Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have world-writable permissions for the /root/cleardata.pl (executed as root by crond) and /root/loadperl.sh (executed as root at boot time) scripts.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:o:iteris:vantage_velocity_firmware:2.3.1:*:*:*:*:*:*:*
cpe:2.3:o:iteris:vantage_velocity_firmware:2.4.2:*:*:*:*:*:*:*
cpe:2.3:h:iteris:vantage_velocity:-:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00331
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-732
Связанные уязвимости
github
больше 3 лет назад
Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have world-writable permissions for the /root/cleardata.pl (executed as root by crond) and /root/loadperl.sh (executed as root at boot time) scripts.
EPSS
Процентиль: 55%
0.00331
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-732