exploitDog

CVE-2022-24630

Опубликовано: 29 мая 2023

Источник: nvd

CVSS3: 7.2

EPSS Средний

Описание

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. BrowseFiles.php allows a ?cmd=ssh POST request with an ssh_command field that is executed.

Ссылки

http://seclists.org/fulldisclosure/2023/Feb/12
Exploit
Mailing List
Third Party Advisory
http://seclists.org/fulldisclosure/2023/Feb/12
Exploit
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:audiocodes:device_manager_express:*:*:*:*:*:*:*:*

Версия до 7.8.20002.47752 (включая)

EPSS

Процентиль: 97%

0.42602

Средний

7.2 High

CVSS3

Дефекты

CWE-77

Связанные уязвимости

GHSA-q38v-gvjv-m5cj

CVSS3: 7.2

github

больше 2 лет назад

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. BrowseFiles.php allows a ?cmd=ssh POST request with an ssh_command field that is executed.

EPSS

Процентиль: 97%

0.42602

Средний

7.2 High

CVSS3

Дефекты

CWE-77