Описание
Aztech WMB250AC Mesh Routers Firmware Version 016 2020 is vulnerable to PHP Type Juggling in file /var/www/login.php, allows attackers to gain escalated privileges only when specific conditions regarding a given accounts hashed password.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:aztech:wmb250ac_firmware:016_2020:*:*:*:*:*:*:*
cpe:2.3:h:aztech:wmb250ac:-:*:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.00647
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-522
CWE-522
Связанные уязвимости
CVSS3: 9.8
github
почти 3 года назад
Aztech WMB250AC Mesh Routers Firmware Version 016 2020 is vulnerable to PHP Type Juggling in file /var/www/login.php, allows attackers to gain escalated privileges only when specific conditions regarding a given accounts hashed password.
EPSS
Процентиль: 70%
0.00647
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-522
CWE-522