exploitDog

CVE-2024-25736

Опубликовано: 27 мар. 2024

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can restart the device via a /device/reboot GET request.

Ссылки

http://packetstormsecurity.com/files/177083
Exploit
VDB Entry
https://hyp3rlinx.altervista.org
Third Party Advisory
http://packetstormsecurity.com/files/177083
Exploit
VDB Entry
http://seclists.org/fulldisclosure/2024/Feb/8
https://hyp3rlinx.altervista.org
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:wyrestorm:apollo_vx20_firmware:*:*:*:*:*:*:*:*

Версия до 1.3.58 (исключая)

cpe:2.3:h:wyrestorm:apollo_vx20:-:*:*:*:*:*:*:*

EPSS

Процентиль: 91%

0.06948

Низкий

7.5 High

CVSS3

Дефекты

CWE-284

Связанные уязвимости

GHSA-qfrc-58xm-3h85

CVSS3: 7.5

github

почти 2 года назад

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can restart the device via a /device/reboot GET request.

EPSS

Процентиль: 91%

0.06948

Низкий

7.5 High

CVSS3

Дефекты

CWE-284