Описание
Akuvox E11 does not ensure that a file extension is associated with the file provided. This could allow an attacker to upload a file to the device by changing the extension of a malicious file to an accepted file type.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:akuvox:e11_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:e11:-:*:*:*:*:*:*:*
EPSS
Процентиль: 23%
0.00075
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-345
Связанные уязвимости
CVSS3: 6.5
github
почти 3 года назад
Akuvox E11 does not ensure that a file extension is associated with the file provided. This could allow an attacker to upload a file to the device by changing the extension of a malicious file to an accepted file type.
EPSS
Процентиль: 23%
0.00075
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-345