Описание
The affected On-Premise cnMaestro is vulnerable inside a specific route where a user can upload a crafted package to the system. An attacker could abuse this user-controlled data to execute arbitrary commands on the server.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:cambiumnetworks:cnmaestro:2.4.2:*:*:*:on_premises:*:*:*
cpe:2.3:o:cambiumnetworks:cnmaestro:3.0.0:*:*:*:on_premises:*:*:*
cpe:2.3:o:cambiumnetworks:cnmaestro:3.0.3:*:*:*:on_premises:*:*:*
EPSS
Процентиль: 27%
0.00096
Низкий
5 Medium
CVSS3
7.3 High
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-78
CWE-78
Связанные уязвимости
CVSS3: 7.3
github
больше 3 лет назад
The affected On-Premise cnMaestro is vulnerable inside a specific route where a user can upload a crafted package to the system. An attacker could abuse this user-controlled data to execute arbitrary commands on the server.
EPSS
Процентиль: 27%
0.00096
Низкий
5 Medium
CVSS3
7.3 High
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-78
CWE-78