Описание
An OS command injection vulnerability exists in the web interface configuration upload functionality of MC Technologies MC LR Router 2.10.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:mc-technologies:mc_lr_router_firmware:2.10.5:*:*:*:*:*:*:*
cpe:2.3:h:mc-technologies:mc_lr_router:-:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.00314
Низкий
7.2 High
CVSS3
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 7.2
github
около 1 года назад
An OS command injection vulnerability exists in the web interface configuration upload functionality of MC Technologies MC LR Router 2.10.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
EPSS
Процентиль: 54%
0.00314
Низкий
7.2 High
CVSS3
Дефекты
CWE-78