Описание
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. A hardcoded backdoor session ID exists that can be used for further access to the device, including reconfiguration tasks.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.2.1.12 (исключая)
Одновременно
cpe:2.3:o:elspec-ltd:g5dfr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:elspec-ltd:g5dfr:-:*:*:*:*:*:*:*
EPSS
Процентиль: 32%
0.00128
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-798
Связанные уязвимости
CVSS3: 6.5
github
почти 2 года назад
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. A hardcoded backdoor session ID exists that can be used for further access to the device, including reconfiguration tasks.
EPSS
Процентиль: 32%
0.00128
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-798