Описание
QSAN SANOS factory reset function does not filter special parameters. Remote attackers can use this vulnerability to inject and execute arbitrary commands without permissions. The referred vulnerability has been solved with the updated version of QSAN SANOS v2.1.0.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.1.0 (исключая)
cpe:2.3:a:qsan:sanos:*:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.00537
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-78
Связанные уязвимости
github
больше 3 лет назад
QSAN SANOS factory reset function does not filter special parameters. Remote attackers can use this vulnerability to inject and execute arbitrary commands without permissions.
EPSS
Процентиль: 67%
0.00537
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-78