Описание
An authentication bypass vulnerability exists in the device password generation functionality of Swift Sensors Gateway SG3-1010. A specially-crafted network request can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:swiftsensors:sg3-1010_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:swiftsensors:sg3-1010:-:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.10738
Средний
10 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-798
CWE-330
Связанные уязвимости
CVSS3: 10
github
почти 4 года назад
An authentication bypass vulnerability exists in the device password generation functionality of Swift Sensors Gateway SG3-1010. A specially-crafted network request can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.
EPSS
Процентиль: 93%
0.10738
Средний
10 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-798
CWE-330