Описание
Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment.
Ссылки
- MitigationThird Party AdvisoryUS Government Resource
- MitigationThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:redlion:da50n_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:redlion:da50n:-:*:*:*:*:*:*:*
EPSS
Процентиль: 23%
0.00076
Низкий
8.4 High
CVSS3
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-345
Связанные уязвимости
CVSS3: 7.8
github
почти 4 года назад
Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment.
CVSS3: 8.4
fstec
почти 4 года назад
Уязвимость веб-интерфейса межсетевого экрана DA50N, позволяющая нарушителю выполнить произвольный код
EPSS
Процентиль: 23%
0.00076
Низкий
8.4 High
CVSS3
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-345