Описание
Command injection vulnerability in PLANEX COMMUNICATIONS wireless LAN routers allows a network-adjacent unauthenticated attacker to execute an arbitrary command by sending a specially crafted request to a certain port. Note that MZK-MF300N is no longer supported, therefore the update for this product is not provided.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:planex:mzk-mf300n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:planex:mzk-mf300n:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 1.18 (включая)
Одновременно
cpe:2.3:o:planex:mzk-mf300hp2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:planex:mzk-mf300hp2:-:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00158
Низкий
8.8 High
CVSS3
Дефекты
CWE-77
Связанные уязвимости
CVSS3: 8.8
github
почти 2 года назад
Command injection vulnerability in MZK-MF300N all firmware versions allows a network-adjacent unauthenticated attacker to execute an arbitrary command by sending a specially crafted request to a certain port.
EPSS
Процентиль: 37%
0.00158
Низкий
8.8 High
CVSS3
Дефекты
CWE-77