exploitDog

CVE-2023-28704

Опубликовано: 02 июн. 2023

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

Furbo dog camera has insufficient filtering for special parameter of device log management function. An unauthenticated remote attacker in the Bluetooth network with normal user privileges can exploit this vulnerability to perform command injection attack to execute arbitrary system commands or disrupt service.

Ссылки

https://www.twcert.org.tw/tw/cp-132-7153-68f52-1.html
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-7153-68f52-1.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:furbo:dog_camera_firmware:542:*:*:*:*:*:*:*

cpe:2.3:h:furbo:dog_camera:-:*:*:*:*:*:*:*

EPSS

Процентиль: 61%

0.0041

Низкий

8.8 High

CVSS3

Дефекты

CWE-78

Связанные уязвимости

GHSA-52cw-mfvg-73mg

CVSS3: 8.8

github

больше 2 лет назад

Furbo dog camera has insufficient filtering for special parameter of device log management function. An unauthenticated remote attacker in the Bluetooth network with normal user privileges can exploit this vulnerability to perform command injection attack to execute arbitrary system commands or disrupt service.

EPSS

Процентиль: 61%

0.0041

Низкий

8.8 High

CVSS3

Дефекты

CWE-78