exploitDog

CVE-2022-43308

Опубликовано: 18 нояб. 2022

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

INTELBRAS SG 2404 MR 20180928-rel64938 allows authenticated attackers to arbitrarily create Administrator accounts via crafted user cookies.

Ссылки

https://github.com/vitorespf/Advisories/blob/master/Intelbras-switch.txt
Exploit
Third Party Advisory
https://www.intelbras.com/pt-br/switch-gerenciavel-24-portas-poe-gigabit-ethernet-sg-2404-poe
Product
https://github.com/vitorespf/Advisories/blob/master/Intelbras-switch.txt
Exploit
Third Party Advisory
https://www.intelbras.com/pt-br/switch-gerenciavel-24-portas-poe-gigabit-ethernet-sg-2404-poe
Product

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:intelbras:sg_2404_poe_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intelbras:sg_2404_poe:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:intelbras:sg_2404_mr_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intelbras:sg_2404_mr:-:*:*:*:*:*:*:*

EPSS

Процентиль: 8%

0.00033

Низкий

7.8 High

CVSS3

Дефекты

CWE-269

CWE-269

Связанные уязвимости

GHSA-2c76-rwr8-xf77

CVSS3: 7.8

github

почти 3 года назад

INTELBRAS SG 2404 MR 20180928-rel64938 allows authenticated attackers to arbitrarily create Administrator accounts via crafted user cookies.

EPSS

Процентиль: 8%

0.00033

Низкий

7.8 High

CVSS3

Дефекты

CWE-269

CWE-269