Описание
The device directly executes .patch firmware upgrade files on a USB stick without any prior authentication in the admin interface. This leads to an unauthenticated code execution via the firmware upgrade function.
EPSS
Процентиль: 29%
0.00104
Низкий
6.8 Medium
CVSS3
Дефекты
CWE-1299
Связанные уязвимости
CVSS3: 9.8
github
больше 1 года назад
The device directly executes .patch firmware upgrade files on a USB stick without any prior authentication in the admin interface. This leads to an unauthenticated code execution via the firmware upgrade function.
EPSS
Процентиль: 29%
0.00104
Низкий
6.8 Medium
CVSS3
Дефекты
CWE-1299