Описание
A Server-Side Request Forgery issue in Canto Cumulus through 11.1.3 allows attackers to enumerate the internal network, overload network resources, and possibly have unspecified other impact via the server parameter to the /cwc/login login form.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 11.1.3 (включая)
cpe:2.3:a:canto:canto:*:*:*:*:*:*:*:*
EPSS
Процентиль: 73%
0.00782
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-918
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
A Server-Side Request Forgery issue in Canto Cumulus through 11.1.3 allows attackers to enumerate the internal network, overload network resources, and possibly have unspecified other impact via the server parameter to the /cwc/login login form.
EPSS
Процентиль: 73%
0.00782
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-918