Описание
Netis WF2780 2.3.40404 and WF2411 1.1.29629 devices allow Shell Metacharacter Injection into the ping command, leading to remote code execution.
Ссылки
- ProductVendor Advisory
- ExploitThird Party Advisory
- ProductVendor Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:netis-systems:wf2780_firmware:2.3.40404:*:*:*:*:*:*:*
cpe:2.3:h:netis-systems:wf2780:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:netis-systems:wf2411_firmware:1.1.29629:*:*:*:*:*:*:*
cpe:2.3:h:netis-systems:wf2411:-:*:*:*:*:*:*:*
EPSS
Процентиль: 96%
0.24398
Средний
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-78
Связанные уязвимости
github
больше 3 лет назад
Netis WF2780 2.3.40404 and WF2411 1.1.29629 devices allow Shell Metacharacter Injection into the ping command, leading to remote code execution.
EPSS
Процентиль: 96%
0.24398
Средний
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-78