exploitDog

CVE-2022-24372

Опубликовано: 27 апр. 2022

Источник: nvd

CVSS3: 4.6

CVSS2: 4.9

EPSS Низкий

Описание

Linksys MR9600 devices before 2.0.5 allow attackers to read arbitrary files via a symbolic link to the root directory of a NAS SMB share.

Ссылки

https://www.linksys.com/de/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/
Product
Vendor Advisory
https://www.linksys.com/mesh-routers/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/
Product
Vendor Advisory
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-046.txt
Exploit
Third Party Advisory
https://www.linksys.com/de/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/
Product
Vendor Advisory
https://www.linksys.com/mesh-routers/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/
Product
Vendor Advisory
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-046.txt
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:linksys:mr9600_firmware:*:*:*:*:*:*:*:*

Версия до 2.0.5 (исключая)

cpe:2.3:h:linksys:mr9600:-:*:*:*:*:*:*:*

EPSS

Процентиль: 20%

0.00064

Низкий

4.6 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-59

Связанные уязвимости

GHSA-2vfm-65cj-5j48

CVSS3: 4.6

github

почти 4 года назад

Linksys MR9600 devices before 2.0.5 allow attackers to read arbitrary files via a symbolic link to the root directory of a NAS SMB share.

EPSS

Процентиль: 20%

0.00064

Низкий

4.6 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-59