CVE-2023-4817

Опубликовано: 03 окт. 2023

Источник: nvd

CVSS3: 7.2

CVSS3: 8.8

EPSS Низкий

Описание

This vulnerability allows an authenticated attacker to upload malicious files by bypassing the restrictions of the upload functionality, compromising the entire device.

Ссылки

https://www.incibe.es/en/incibe-cert/notices/aviso/unrestricted-file-upload-vulnerability-icp-das-et-7060
Product
Third Party Advisory
https://www.incibe.es/en/incibe-cert/notices/aviso/unrestricted-file-upload-vulnerability-icp-das-et-7060
Product
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:icpdas:et-7060_firmware:3.00:*:*:*:*:*:*:*

cpe:2.3:h:icpdas:et-7060:-:*:*:*:*:*:*:*

EPSS

Процентиль: 5%

0.00022

Низкий

7.2 High

CVSS3

8.8 High

CVSS3

Дефекты

CWE-434

Связанные уязвимости

GHSA-x737-cfqc-6rg4

CVSS3: 7.2

github

больше 2 лет назад

This vulnerability allows an authenticated attacker to upload malicious files by bypassing the restrictions of the upload functionality, compromising the entire device.

EPSS

Процентиль: 5%

0.00022

Низкий

7.2 High

CVSS3

8.8 High

CVSS3

Дефекты

CWE-434