Описание
Firmware in KAON AR2140 routers, prior to versions 3.2.50 and 4.2.16, is vulnerable to a shell command injection via sending a crafted request to one of the endpoints. In order to exploit this vulnerability, one has to have access to the administrative portal of the router.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 3.2.46 (включая) до 4.2.16 (исключая)
Одновременно
cpe:2.3:o:kaongroup:ar2140_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:kaongroup:ar2140:-:*:*:*:*:*:*:*
EPSS
Процентиль: 63%
0.00441
Низкий
7.2 High
CVSS3
Дефекты
CWE-78
CWE-77
CWE-77
Связанные уязвимости
CVSS3: 7.2
github
больше 1 года назад
Firmware in KAON AR2140 routers prior to version 4.2.16 is vulnerable to a shell command injection via sending a crafted request to one of the endpoints. In order to exploit this vulnerability, one has to have access to the administrative portal of the router.
EPSS
Процентиль: 63%
0.00441
Низкий
7.2 High
CVSS3
Дефекты
CWE-78
CWE-77
CWE-77