Описание
An authentication-bypass issue in the component http://MYDEVICEIP/cgi-bin-sdb/ExportSettings.sh of Mega System Technologies Inc MSNSwitch MNT.2408 allows unauthenticated attackers to arbitrarily configure settings within the application, leading to remote code execution.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:megatech:msnswitch_firmware:mnt.2408:*:*:*:*:*:*:*
cpe:2.3:h:megatech:msnswitch:-:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.86991
Высокий
9.8 Critical
CVSS3
Дефекты
CWE-287
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
An authentication-bypass issue in the component http://MYDEVICEIP/cgi-bin-sdb/ExportSettings.sh of Mega System Technologies Inc MSNSwitch MNT.2408 allows unauthenticated attackers to arbitrarily configure settings within the application, leading to remote code execution.
EPSS
Процентиль: 99%
0.86991
Высокий
9.8 Critical
CVSS3
Дефекты
CWE-287