CVE-2024-0570

Опубликовано: 16 янв. 2024

Источник: nvd

CVSS3: 7.3

CVSS3: 9.1

CVSS2: 7.5

EPSS Низкий

Описание

A vulnerability classified as critical was found in Totolink N350RT 9.3.5u.6265. This vulnerability affects unknown code of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. It is recommended to upgrade the affected component. VDB-250786 is the identifier assigned to this vulnerability.

Ссылки

https://vuldb.com/?ctiid.250786
Permissions Required
Third Party Advisory
https://vuldb.com/?id.250786
Third Party Advisory
https://vuldb.com/?submit.263655
Third Party Advisory
VDB Entry
https://www.chtsecurity.com/news/16e4f985-8248-4353-a26e-b77ca487ce31
Third Party Advisory
https://www.chtsecurity.com/news/f6d7ae2c-fb1e-4c31-a9ce-bfc5ee038eb1
Third Party Advisory
https://vuldb.com/?ctiid.250786
Permissions Required
Third Party Advisory
https://vuldb.com/?id.250786
Third Party Advisory
https://vuldb.com/?submit.263655
Third Party Advisory
VDB Entry
https://www.chtsecurity.com/news/16e4f985-8248-4353-a26e-b77ca487ce31
Third Party Advisory
https://www.chtsecurity.com/news/f6d7ae2c-fb1e-4c31-a9ce-bfc5ee038eb1
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:totolink:n350rt_firmware:9.3.5u.6265:*:*:*:*:*:*:*

cpe:2.3:h:totolink:n350rt:-:*:*:*:*:*:*:*

EPSS

Процентиль: 42%

0.00197

Низкий

7.3 High

CVSS3

9.1 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-284

CWE-862

Связанные уязвимости

GHSA-6wh7-wg3p-86m2

CVSS3: 7.3

github

около 2 лет назад

EPSS

Процентиль: 42%

0.00197

Низкий

7.3 High

CVSS3

9.1 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-284

CWE-862