Описание
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component affected by this issue is /upload_ipslib.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded.
Ссылки
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:raisecom:msg2300_firmware:3.90:*:*:*:*:*:*:*
cpe:2.3:h:raisecom:msg2300:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:raisecom:msg2100e_firmware:3.90:*:*:*:*:*:*:*
cpe:2.3:h:raisecom:msg2100e:-:*:*:*:*:*:*:*
Конфигурация 3
Одновременно
cpe:2.3:o:raisecom:msg2200_firmware:3.90:*:*:*:*:*:*:*
cpe:2.3:h:raisecom:msg2200:-:*:*:*:*:*:*:*
Конфигурация 4
Одновременно
cpe:2.3:o:raisecom:msg1200_firmware:3.90:*:*:*:*:*:*:*
cpe:2.3:h:raisecom:msg1200:-:*:*:*:*:*:*:*
EPSS
Процентиль: 62%
0.00434
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 9.8
github
около 1 года назад
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component affected by this issue is /upload_ipslib.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded.
EPSS
Процентиль: 62%
0.00434
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-22