exploitDog

CVE-2023-28365

Опубликовано: 01 июл. 2023

Источник: nvd

CVSS3: 9.1

EPSS Низкий

Описание

A backup file vulnerability found in UniFi applications (Version 7.3.83 and earlier) running on Linux operating systems allows application administrators to execute malicious commands on the host device being restored.

Ссылки

https://community.ui.com/releases/Security-Advisory-Bulletin-031-031/8c85fc64-e9a8-4082-9ec4-56b14effd545
Issue Tracking
Vendor Advisory
https://community.ui.com/releases/Security-Advisory-Bulletin-031-031/8c85fc64-e9a8-4082-9ec4-56b14effd545
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:ui:unifi_network_application:*:*:*:*:*:*:*:*

Версия до 7.4.156 (исключая)

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

EPSS

Процентиль: 53%

0.00304

Низкий

9.1 Critical

CVSS3

Дефекты

CWE-77

Связанные уязвимости

GHSA-6q57-hf8f-cfhp

CVSS3: 9.1

github

больше 2 лет назад

A backup file vulnerability found in UniFi applications (Version 7.3.83 and earlier) running on Linux operating systems allows application administrators to execute malicious commands on the host device being restored.

EPSS

Процентиль: 53%

0.00304

Низкий

9.1 Critical

CVSS3

Дефекты

CWE-77