Описание
A Command Injection vulnerability in Vilo 5 Mesh WiFi System <= 5.16.1.33 allows remote, authenticated attackers to execute arbitrary code by injecting shell commands into the name of the Vilo device.
Ссылки
- Not Applicable
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.16.1.33 (включая)
Одновременно
cpe:2.3:o:viloliving:vilo_5_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:viloliving:vilo_5:-:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.0362
Низкий
9.1 Critical
CVSS3
Дефекты
CWE-77
Связанные уязвимости
CVSS3: 9.1
github
больше 1 года назад
A Command Injection vulnerability in Vilo 5 Mesh WiFi System <= 5.16.1.33 allows remote, authenticated attackers to execute arbitrary code by injecting shell commands into the name of the Vilo device.
EPSS
Процентиль: 88%
0.0362
Низкий
9.1 Critical
CVSS3
Дефекты
CWE-77