Описание
A command injection vulnerability in the firmware_update command, in the device's restricted telnet interface, allows an authenticated attacker to execute arbitrary commands as root.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:dlink:dwl-2600ap_firmware:4.2.0.17:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dwl-2600ap:-:*:*:*:*:*:*:*
EPSS
Процентиль: 59%
0.00389
Низкий
7.8 High
CVSS3
Дефекты
CWE-77
CWE-77
Связанные уязвимости
CVSS3: 8
github
почти 3 года назад
A command injection vulnerability in the firmware_update command, in the device's restricted telnet interface, allows an authenticated attacker to execute arbitrary commands as root.
EPSS
Процентиль: 59%
0.00389
Низкий
7.8 High
CVSS3
Дефекты
CWE-77
CWE-77