exploitDog

CVE-2023-43134

Опубликовано: 20 сент. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

There is an unauthorized access vulnerability in Netis 360RAC1200 v1.3.4517, which allows attackers to obtain sensitive information of the device without authentication, obtain user tokens, and ultimately log in to the device backend management.

Ссылки

https://github.com/7R4C4R/CVE/blob/main/Netis-360R-AC1200/unauthorized%20access/readme.md
Exploit
Third Party Advisory
https://github.com/7R4C4R/CVE/blob/main/Netis-360R-AC1200/unauthorized%20access/readme.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:netis-systems:360r_firmware:1.3.4517:*:*:*:*:*:*:*

cpe:2.3:h:netis-systems:360r:-:*:*:*:*:*:*:*

EPSS

Процентиль: 26%

0.00091

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-862

Связанные уязвимости

GHSA-9r48-v779-mpp5

CVSS3: 9.8

github

больше 2 лет назад

There is an unauthorized access vulnerability in Netis 360RAC1200 v1.3.4517, which allows attackers to obtain sensitive information of the device without authentication, obtain user tokens, and ultimately log in to the device backend management.

EPSS

Процентиль: 26%

0.00091

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-862