Описание
By using a specific credential string, an attacker with network access to the device’s web interface could circumvent the authentication scheme and perform administrative operations.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 2.1.6 (включая)
Одновременно
cpe:2.3:o:exemys:rme1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:exemys:rme1:-:*:*:*:*:*:*:*
EPSS
Процентиль: 43%
0.00211
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-287
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
By using a specific credential string, an attacker with network access to the device’s web interface could circumvent the authentication scheme and perform administrative operations.
EPSS
Процентиль: 43%
0.00211
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-287