Описание
Realtek GPON router has insufficient filtering for special characters. A remote attacker authenticated as an administrator can exploit this vulnerability to perform command injection attacks, to execute arbitrary system command, manipulate system or disrupt service.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:realtek:usdk:1.0:*:*:*:*:*:*:*
cpe:2.3:a:realtek:usdk:2.0:*:*:*:*:*:*:*
cpe:2.3:a:realtek:usdk:2.2:*:*:*:*:*:*:*
cpe:2.3:a:realtek:xpon_software_development_kit:1.9:*:*:*:*:*:*:*
cpe:2.3:a:realtek:xpon_software_development_kit:3.3:*:*:*:*:*:*:*
cpe:2.3:a:realtek:xpon_software_development_kit:4.0:*:*:*:*:*:*:*
cpe:2.3:a:realtek:xpon_software_development_kit:4.1:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.01287
Низкий
7.2 High
CVSS3
Дефекты
CWE-78
NVD-CWE-Other
Связанные уязвимости
CVSS3: 7.2
github
около 3 лет назад
Realtek GPON router has insufficient filtering for special characters. A remote attacker authenticated as an administrator can exploit this vulnerability to perform command injection attacks, to execute arbitrary system command, manipulate system or disrupt service.
EPSS
Процентиль: 79%
0.01287
Низкий
7.2 High
CVSS3
Дефекты
CWE-78
NVD-CWE-Other