Описание
An improper input validation vulnerability in the TLS certificate generation function allows an attacker to cause a Denial-of-Service (DoS) condition which can only be reverted via a factory reset. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:lannerinc:iac-ast2500a_firmware:1.10.0:*:*:*:*:*:*:*
cpe:2.3:h:lannerinc:iac-ast2500a:-:*:*:*:*:*:*:*
EPSS
Процентиль: 38%
0.00169
Низкий
4.9 Medium
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-20
CWE-20
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
An improper input validation vulnerability in the TLS certificate generation function allows an attacker to cause a Denial-of-Service (DoS) condition which can only be reverted via a factory reset. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0.
EPSS
Процентиль: 38%
0.00169
Низкий
4.9 Medium
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-20
CWE-20