Описание
Anevia Flamingo XL 3.2.9 contains a restricted shell vulnerability that allows remote attackers to escape the sandboxed environment through the traceroute command. Attackers can exploit the traceroute command to inject shell commands and gain full root access to the device by bypassing the restricted login environment.
Ссылки
- Product
- ExploitThird Party Advisory
- https://www.vulncheck.com/advisories/anevia-flamingo-xl-remote-root-jailbreak-via-traceroute-commandThird Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Одновременно
EPSS
10 Critical
CVSS3
Дефекты
Связанные уязвимости
Anevia Flamingo XL 3.2.9 contains a restricted shell vulnerability that allows remote attackers to escape the sandboxed environment through the traceroute command. Attackers can exploit the traceroute command to inject shell commands and gain full root access to the device by bypassing the restricted login environment.
Уязвимость микропрограммного обеспечения IPTV-станций Flamingo XL, связанная с недостатками разграничения доступа, позволяющая нарушителю обойти защитный механизм песочницы, повысить свои привилегии и выполнить произвольные команды
EPSS
10 Critical
CVSS3