exploitDog

CVE-2023-45852

Опубликовано: 14 окт. 2023

Источник: nvd

CVSS3: 9.8

EPSS Критический

Описание

In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an unauthenticated attacker to bypass authentication and execute arbitrary commands via shell metacharacters in the ipaddr params JSON data for the put method.

Ссылки

https://connectivity.viessmann.com/gb/mp-fp/vitogate/vitogate-300-bn-mb.html
Product
https://github.com/Push3AX/vul/blob/main/viessmann/Vitogate300_RCE.md
Exploit
Third Party Advisory
https://connectivity.viessmann.com/gb/mp-fp/vitogate/vitogate-300-bn-mb.html
Product
https://github.com/Push3AX/vul/blob/main/viessmann/Vitogate300_RCE.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:viessmann:vitogate_300_firmware:*:*:*:*:*:*:*:*

Версия до 2.1.3.0 (включая)

cpe:2.3:h:viessmann:vitogate_300:-:*:*:*:*:*:*:*

EPSS

Процентиль: 100%

0.93587

Критический

9.8 Critical

CVSS3

Дефекты

CWE-77

Связанные уязвимости

GHSA-4j4f-q993-cr2r

CVSS3: 9.8

github

больше 2 лет назад

In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an unauthenticated attacker to bypass authentication and execute arbitrary commands via shell metacharacters in the ipaddr params JSON data for the put method.

EPSS

Процентиль: 100%

0.93587

Критический

9.8 Critical

CVSS3

Дефекты

CWE-77