CVE-2022-48616

Опубликовано: 12 дек. 2023

Источник: nvd

CVSS3: 6.4

CVSS3: 7.5

EPSS Низкий

Описание

A Huawei data communication product has a command injection vulnerability. Successful exploitation of this vulnerability may allow attackers to gain higher privileges.

Ссылки

https://wr3nchsr.github.io/huawei-netengine-ar617vw-auth-root-rce/
Exploit
Third Party Advisory
https://wr3nchsr.github.io/huawei-netengine-ar617vw-auth-root-rce/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:huawei:ar617vw_firmware:v300r21c00spc200:*:*:*:*:*:*:*

cpe:2.3:h:huawei:ar617vw:-:*:*:*:*:*:*:*

EPSS

Процентиль: 42%

0.00198

Низкий

6.4 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-78

Связанные уязвимости

GHSA-p7xv-5v8m-5xcw

CVSS3: 6.4

github

около 2 лет назад

A Huawei data communication product has a command injection vulnerability. Successful exploitation of this vulnerability may allow attackers to gain higher privileges.

EPSS

Процентиль: 42%

0.00198

Низкий

6.4 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-78