exploitDog

CVE-2023-22371

Опубликовано: 06 июл. 2023

Источник: nvd

CVSS3: 8.1

EPSS Низкий

Описание

An os command injection vulnerability exists in the liburvpn.so create_private_key functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to command execution. An attacker can send a malicious packet to trigger this vulnerability.

Ссылки

https://talosintelligence.com/vulnerability_reports/TALOS-2023-1703
Exploit
Third Party Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1703
Exploit
Third Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1703

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:milesight:milesightvpn:2.0.2:*:*:*:*:*:*:*

EPSS

Процентиль: 48%

0.00248

Низкий

8.1 High

CVSS3

Дефекты

CWE-77

CWE-78

Связанные уязвимости

GHSA-x4wh-ccmq-r3hv

CVSS3: 8.1

github

больше 2 лет назад

An os command injection vulnerability exists in the liburvpn.so create_private_key functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to command execution. An attacker can send a malicious packet to trigger this vulnerability.

EPSS

Процентиль: 48%

0.00248

Низкий

8.1 High

CVSS3

Дефекты

CWE-77

CWE-78