CVE-2022-24659

Опубликовано: 20 июл. 2022

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Goldshell ASIC Miners v2.2.1 and below was discovered to contain a path traversal vulnerability which allows unauthenticated attackers to retrieve arbitrary files from the device.

Ссылки

https://github.com/goldshellminer/firmware
Third Party Advisory
https://jamesachambers.com/cryptocurrency-asic-miners-security-and-hacking-audit/
Exploit
Mitigation
Third Party Advisory
https://github.com/goldshellminer/firmware
Third Party Advisory
https://jamesachambers.com/cryptocurrency-asic-miners-security-and-hacking-audit/
Exploit
Mitigation
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:goldshell:goldshell_miner_firmware:*:*:*:*:*:*:*:*

Версия до 2.2.1 (включая)

EPSS

Процентиль: 85%

0.02571

Низкий

7.5 High

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-3gw8-89v6-jfv4