exploitDog

CVE-2024-56316

Опубликовано: 27 янв. 2025

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

In AXESS ACS (Auto Configuration Server) through 5.2.0, unsanitized user input in the TR069 API allows remote unauthenticated attackers to cause a permanent Denial of Service via crafted TR069 requests on TCP port 9675 or 7547. Rebooting does not resolve the permanent Denial of Service.

Ссылки

https://www.y-security.de/news-en/axess-auto-configuration-server-denial-of-service-cve-2024-56316/

EPSS

Процентиль: 39%

0.00175

Низкий

7.5 High

CVSS3

Дефекты

CWE-770

Связанные уязвимости

GHSA-r396-g535-84pc

CVSS3: 7.5

github

около 1 года назад

In AXESS ACS (Auto Configuration Server) through 5.2.0, unsanitized user input in the TR069 API allows remote unauthenticated attackers to cause a permanent Denial of Service via crafted TR069 requests on TCP port 9675 or 7547. Rebooting does not resolve the permanent Denial of Service.

EPSS

Процентиль: 39%

0.00175

Низкий

7.5 High

CVSS3

Дефекты

CWE-770