CVE-2023-0887

Опубликовано: 17 фев. 2023

Источник: nvd

CVSS3: 7

CVSS3: 7.8

CVSS2: 6

EPSS Низкий

Описание

A vulnerability was found in phjounin TFTPD64-SE 4.64 and classified as critical. This issue affects some unknown processing of the file tftpd64_svc.exe. The manipulation leads to unquoted search path. An attack has to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The associated identifier of this vulnerability is VDB-221351.

Ссылки

https://vuldb.com/?ctiid.221351
Permissions Required
Third Party Advisory
https://vuldb.com/?id.221351
Third Party Advisory
https://vuldb.com/?ctiid.221351
Permissions Required
Third Party Advisory
https://vuldb.com/?id.221351
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:tftpd64_project:tftpd64:4.64:*:*:*:se:*:*:*

EPSS

Процентиль: 11%

0.00037

Низкий

7 High

CVSS3

7.8 High

CVSS3

6 Medium

CVSS2

Дефекты

CWE-428

Связанные уязвимости

GHSA-j9g7-7qq4-88m2

CVSS3: 7.8

github

почти 3 года назад

A vulnerability was found in phjounin TFTPD64-SE 4.64 and classified as critical. This issue affects some unknown processing of the file tftpd64_svc.exe. The manipulation leads to unquoted search path. An attack has to be approached locally. The associated identifier of this vulnerability is VDB-221351.

EPSS

Процентиль: 11%

0.00037

Низкий

7 High

CVSS3

7.8 High

CVSS3

6 Medium

CVSS2

Дефекты

CWE-428