Описание
A vulnerability in the Wi-Fi file transfer module of Shanling M5S Portable Music Player with Shanling MTouch OS v4.3 and Shanling M2X Portable Music Player with Shanling MTouch OS v3.3 allows attackers to arbitrarily read, delete, or modify any critical system files via directory traversal.
Ссылки
- Product
- ExploitThird Party Advisory
- Product
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:shanling:eddict_player:2.1.3:*:*:*:*:android:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:shanling:mtouch_os:3.3:*:*:*:*:*:*:*
cpe:2.3:h:shanling:m2x:-:*:*:*:*:*:*:*
EPSS
Процентиль: 60%
0.004
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-22
CWE-22
Связанные уязвимости
CVSS3: 9.8
github
почти 3 года назад
A vulnerability in the Wi-Fi file transfer module of Shanling M5S Portable Music Player with Shanling MTouch OS v4.3 and Shanling M2X Portable Music Player with Shanling MTouch OS v3.3 allows attackers to arbitrarily read, delete, or modify any critical system files via directory traversal.
EPSS
Процентиль: 60%
0.004
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-22
CWE-22