exploitDog

CVE-2020-9526

Опубликовано: 10 авг. 2020

Источник: nvd

CVSS3: 5.9

CVSS2: 4.3

EPSS Низкий

Описание

CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an information exposure flaw that exposes user session data to supernodes in the network, as demonstrated by passively eavesdropping on user video/audio streams, capturing credentials, and compromising devices.

Ссылки

https://hacked.camera/
Third Party Advisory
https://redprocyon.com
Third Party Advisory
https://hacked.camera/
Third Party Advisory
https://redprocyon.com
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cs2-network:p2p:*:*:*:*:*:*:*:*

Версия до 3.0.3a (включая)

EPSS

Процентиль: 36%

0.00148

Низкий

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-319

Связанные уязвимости

GHSA-wm7x-g8j8-cw8f

github

больше 3 лет назад

CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an information exposure flaw that exposes user session data to supernodes in the network, as demonstrated by passively eavesdropping on user video/audio streams, capturing credentials, and compromising devices.

EPSS

Процентиль: 36%

0.00148

Низкий

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-319