exploitDog

CVE-2022-38119

Опубликовано: 10 нояб. 2022

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

UPSMON Pro login function has insufficient authentication. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and get administrator privilege to access, control system or disrupt service.

Ссылки

https://www.twcert.org.tw/tw/cp-132-6678-e9fbe-1.html
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-6678-e9fbe-1.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:upspowercom:upsmon_pro:2.57:*:*:*:*:*:*:*

EPSS

Процентиль: 86%

0.02732

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-287

CWE-287

Связанные уязвимости

GHSA-wrjq-c6h8-5hjq

CVSS3: 9.8

github

около 3 лет назад

UPSMON Pro login function has insufficient authentication. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and get administrator privilege to access, control system or disrupt service.

EPSS

Процентиль: 86%

0.02732

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-287

CWE-287