Описание
The HGiga OAKlouds mobile portal does not filter special characters of the IPv6 Gateway parameter of the network interface card setting page. Remote attackers can use this vulnerability to perform command injection and execute arbitrary commands in the system without logging in.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 2.0 (включая) до 2.0-2 (включая)Версия от 3.0 (включая) до 3.0-2 (включая)
Одно из
cpe:2.3:a:hgiga:oaklouds_portal:*:*:*:*:*:*:*:*
cpe:2.3:a:hgiga:oaklouds_portal:*:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.06621
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-78
Связанные уязвимости
github
больше 3 лет назад
The HGiga OAKlouds mobile portal does not filter special characters of the IPv6 Gateway parameter of the network interface card setting page. Remote attackers can use this vulnerability to perform command injection and execute arbitrary commands in the system without logging in.
EPSS
Процентиль: 91%
0.06621
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-78