Описание
An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Privilege Escalation vulnerability exists in the file upload feature. It allows an attacker on the local area network (with specific permissions) to upload and execute malicious files, potentially leading to unauthorized system access.
Уязвимые конфигурации
Конфигурация 1Версия до 1.4.12 (исключая)
Одновременно
cpe:2.3:o:digi:connectport_lts_firmware:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:digi:connectport_lts_16:-:*:*:*:*:*:*:*
cpe:2.3:h:digi:connectport_lts_16_mei:-:*:*:*:*:*:*:*
cpe:2.3:h:digi:connectport_lts_16_mei_2ac:-:*:*:*:*:*:*:*
cpe:2.3:h:digi:connectport_lts_32:-:*:*:*:*:*:*:*
cpe:2.3:h:digi:connectport_lts_32_mei:-:*:*:*:*:*:*:*
cpe:2.3:h:digi:connectport_lts_8_mei:-:*:*:*:*:*:*:*
EPSS
Процентиль: 27%
0.00097
Низкий
8.8 High
CVSS3
Дефекты
CWE-552
Связанные уязвимости
CVSS3: 8.8
github
около 1 года назад
An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Privilege Escalation vulnerability exists in the file upload feature. It allows an attacker on the local area network (with specific permissions) to upload and execute malicious files, potentially leading to unauthorized system access.
EPSS
Процентиль: 27%
0.00097
Низкий
8.8 High
CVSS3
Дефекты
CWE-552