Описание
An issue was discovered in the web services of Digi ConnectPort LTS before 1.4.12. It allows an attacker on the local area network to achieve unauthorized manipulation of resources, which may lead to remote code execution when combined with other issues.
Уязвимые конфигурации
Конфигурация 1Версия до 1.4.12 (исключая)
Одновременно
cpe:2.3:o:digi:connectport_lts_firmware:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:digi:connectport_lts_16:-:*:*:*:*:*:*:*
cpe:2.3:h:digi:connectport_lts_16_mei:-:*:*:*:*:*:*:*
cpe:2.3:h:digi:connectport_lts_16_mei_2ac:-:*:*:*:*:*:*:*
cpe:2.3:h:digi:connectport_lts_32:-:*:*:*:*:*:*:*
cpe:2.3:h:digi:connectport_lts_32_mei:-:*:*:*:*:*:*:*
cpe:2.3:h:digi:connectport_lts_8_mei:-:*:*:*:*:*:*:*
EPSS
Процентиль: 78%
0.01179
Низкий
8.8 High
CVSS3
Дефекты
CWE-862
Связанные уязвимости
CVSS3: 8.8
github
около 1 года назад
An issue was discovered in the web services of Digi ConnectPort LTS before 1.4.12. It allows an attacker on the local area network to achieve unauthorized manipulation of resources, which may lead to remote code execution when combined with other issues.
EPSS
Процентиль: 78%
0.01179
Низкий
8.8 High
CVSS3
Дефекты
CWE-862