exploitDog

CVE-2021-28111

Опубликовано: 20 мая 2021

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

Draeger X-Dock Firmware before 03.00.13 has Hard-Coded Credentials, leading to remote code execution by an authenticated attacker.

Ссылки

https://static.draeger.com/security
Vendor Advisory
https://static.draeger.com/security/download/PSA-21-120-1-X-Dock-Product-Security-Advisory.pdf
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-604/
Third Party Advisory
VDB Entry
https://static.draeger.com/security
Vendor Advisory
https://static.draeger.com/security/download/PSA-21-120-1-X-Dock-Product-Security-Advisory.pdf
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-604/
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:draeger:x-dock_firmware:*:*:*:*:*:*:*:*

Версия до 03.00.13 (исключая)

Одно из

cpe:2.3:h:draeger:x-dock_5300:-:*:*:*:*:*:*:*

cpe:2.3:h:draeger:x-dock_6300:-:*:*:*:*:*:*:*

cpe:2.3:h:draeger:x-dock_6600:-:*:*:*:*:*:*:*

EPSS

Процентиль: 86%

0.02959

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-798

Связанные уязвимости

GHSA-r7pq-m59r-56qm

github

больше 3 лет назад

Draeger X-Dock Firmware before 03.00.13 has Hard-Coded Credentials, leading to remote code execution by an authenticated attacker.

EPSS

Процентиль: 86%

0.02959

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-798