Описание
Skyworth Digital Technology RN510 V.3.1.0.4 is affected by an incorrect access control vulnerability in/cgi-bin/test_version.asp. If Wi-Fi is connected but an unauthenticated user visits a URL, the SSID password and web UI password may be disclosed.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:skyworthdigital:rn510_firmware:3.1.0.4:*:*:*:*:*:*:*
cpe:2.3:h:skyworthdigital:rn510:-:*:*:*:*:*:*:*
EPSS
Процентиль: 38%
0.00164
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 5.4
github
больше 3 лет назад
Skyworth Digital Technology RN510 V.3.1.0.4 is affected by an incorrect access control vulnerability in/cgi-bin/test_version.asp. If Wi-Fi is connected but an unauthenticated user visits a URL, the SSID password and web UI password may be disclosed.
EPSS
Процентиль: 38%
0.00164
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-352