CVE-2023-29711

Опубликовано: 22 июн. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

An incorrect access control issue was discovered in Interlink PSG-5124 version 1.0.4, allows attackers to execute arbitrary code via crafted GET request.

Ссылки

https://github.com/shellpei/LINK-Unauthorized/blob/main/CVE-2023-29711
Exploit
Third Party Advisory
https://holistic-height-e6d.notion.site/LINK-PSG-5124-Switch-remote-command-vulnerability-da4fd8fb450d42879b07ef3a953a2366
Exploit
Third Party Advisory
https://github.com/shellpei/LINK-Unauthorized/blob/main/CVE-2023-29711
Exploit
Third Party Advisory
https://holistic-height-e6d.notion.site/LINK-PSG-5124-Switch-remote-command-vulnerability-da4fd8fb450d42879b07ef3a953a2366
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:interlink:psg-5124_firmware:1.0.4:*:*:*:*:*:*:*

cpe:2.3:h:interlink:psg-5124:-:*:*:*:*:*:*:*

EPSS

Процентиль: 46%

0.00231

Низкий

9.8 Critical

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-346

Связанные уязвимости

GHSA-79xr-w992-c9fw