exploitDog

CVE-2021-39474

Опубликовано: 10 нояб. 2021

Источник: nvd

CVSS3: 7.2

CVSS2: 9

EPSS Низкий

Описание

Vulnerability in the product Docsis 3.0 UBC1319BA00 Router supported affected version 1319010201r009. The vulnerability allows an attacker with privileges and network access through the ping.cmd component to execute commands on the device.

Ссылки

https://saikotwolf.medium.com/f9ed24e14e51
Exploit
Third Party Advisory
https://www.ubeeinteractive.com/?product=ubc1319
Product
Vendor Advisory
https://saikotwolf.medium.com/f9ed24e14e51
Exploit
Third Party Advisory
https://www.ubeeinteractive.com/?product=ubc1319
Product
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:ubeeinteractive:ubc1319_firmware:1319010201r009:*:*:*:*:*:*:*

cpe:2.3:h:ubeeinteractive:ubc1319:-:*:*:*:*:*:*:*

EPSS

Процентиль: 85%

0.02453

Низкий

7.2 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-78

Связанные уязвимости

GHSA-v2x2-7cv5-vx7r

github

больше 3 лет назад

Vulnerability in the product Docsis 3.0 UBC1319BA00 Router supported affected version 1319010201r009. The vulnerability allows an attacker with privileges and network access through the ping.cmd component to execute commands on the device.

EPSS

Процентиль: 85%

0.02453

Низкий

7.2 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-78