Описание
Use of hard-coded TLS certificate by default allows an attacker to perform Man-in-the-Middle (MitM) attacks even in the presence of the HTTPS connection. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.00.0.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:lannerinc:iac-ast2500_firmware:1.00.0:*:*:*:*:*:*:*
cpe:2.3:h:lannerinc:iac-ast2500:-:*:*:*:*:*:*:*
EPSS
Процентиль: 73%
0.00772
Низкий
5.8 Medium
CVSS3
7.4 High
CVSS3
Дефекты
CWE-321
CWE-798
Связанные уязвимости
CVSS3: 8.1
github
больше 3 лет назад
Use of hard-coded TLS certificate by default allows an attacker to perform Man-in-the-Middle (MitM) attacks even in the presence of the HTTPS connection. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.00.0.
EPSS
Процентиль: 73%
0.00772
Низкий
5.8 Medium
CVSS3
7.4 High
CVSS3
Дефекты
CWE-321
CWE-798