Описание
Generex CS141 through 2.10 allows remote command execution by administrators via a web interface that reaches run_update in /usr/bin/gxserve-update.sh (e.g., command execution can occur via a reverse shell installed by install.sh).
Ссылки
- ExploitThird Party Advisory
- Permissions RequiredThird Party Advisory
- ProductVendor Advisory
- ProductVendor Advisory
- Release NotesVendor Advisory
- ExploitThird Party Advisory
- Permissions RequiredThird Party Advisory
- ProductVendor Advisory
- ProductVendor Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.10 (включая)
Одновременно
cpe:2.3:o:generex:cs141_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:generex:cs141:-:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.06451
Низкий
9.1 Critical
CVSS3
7.2 High
CVSS3
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.2
github
больше 3 лет назад
Generex CS141 before 2.08 allows remote command execution by administrators via a web interface that reaches run_update in /usr/bin/gxserve-update.sh (e.g., command execution can occur via a reverse shell installed by install.sh).
EPSS
Процентиль: 91%
0.06451
Низкий
9.1 Critical
CVSS3
7.2 High
CVSS3
Дефекты
NVD-CWE-noinfo