Описание
Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, and SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, which may allow a remote unauthenticated attacker to eavesdrop on or alter the communication sent to the WebUI of the product.
Ссылки
- Third Party Advisory
- Vendor Advisory
- Product
- Product
- Product
- Product
- Third Party Advisory
- Vendor Advisory
- Product
- Product
- Product
- Product
Уязвимые конфигурации
Конфигурация 1Версия до 1.4.1 (включая)
Одновременно
cpe:2.3:o:seiko-sol:skybridge_basic_mb-a130_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:seiko-sol:skybridge_basic_mb-a130:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 01.00.05 (включая)
Одновременно
cpe:2.3:o:seiko-sol:skybridge_mb-a200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:seiko-sol:skybridge_mb-a200:-:*:*:*:*:*:*:*
EPSS
Процентиль: 69%
0.0059
Низкий
6.5 Medium
CVSS3
4.8 Medium
CVSS3
Дефекты
CWE-295
CWE-295
Связанные уязвимости
CVSS3: 6.5
github
больше 2 лет назад
Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, and SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, which may allow a remote unauthenticated attacker to eavesdrop on or alter the communication sent to the WebUI of the product.
EPSS
Процентиль: 69%
0.0059
Низкий
6.5 Medium
CVSS3
4.8 Medium
CVSS3
Дефекты
CWE-295
CWE-295