Описание
In Meinbergs LTOS versions prior to V7.06.013, the configuration file upload function would not correctly validate the input, which would allow an remote authenticated attacker with high privileges to execute arbitrary commands.
Уязвимые конфигурации
Конфигурация 1Версия до 7.06.013 (исключая)
Одновременно
cpe:2.3:o:meinbergglobal:lantime_firmware:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:meinbergglobal:lantime_m100:-:*:*:*:*:*:*:*
cpe:2.3:h:meinbergglobal:lantime_m200:-:*:*:*:*:*:*:*
cpe:2.3:h:meinbergglobal:lantime_m300:-:*:*:*:*:*:*:*
cpe:2.3:h:meinbergglobal:lantime_m400:-:*:*:*:*:*:*:*
cpe:2.3:h:meinbergglobal:lantime_m600:-:*:*:*:*:*:*:*
cpe:2.3:h:meinbergglobal:lantime_m900:-:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.0026
Низкий
7.2 High
CVSS3
Дефекты
CWE-434
CWE-434
Связанные уязвимости
CVSS3: 7.2
github
почти 3 года назад
In LTOS versions prior to V7.06.013, the configuration file upload function would not correctly validate the input, which would allow an remote authenticated attacker with high privileges to execute arbitrary commands.
EPSS
Процентиль: 49%
0.0026
Низкий
7.2 High
CVSS3
Дефекты
CWE-434
CWE-434