CVE-2024-7616

Опубликовано: 12 авг. 2024

Источник: nvd

CVSS3: 5.5

CVSS3: 9.8

CVSS2: 5.2

EPSS Низкий

Описание

A vulnerability was found in Edimax IC-6220DC and IC-5150W up to 3.06. It has been rated as critical. Affected by this issue is the function cgiFormString of the file ipcam_cgi. The manipulation of the argument host leads to command injection. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Ссылки

https://vuldb.com/?ctiid.273986
Permissions Required
VDB Entry
https://vuldb.com/?id.273986
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.383845
Third Party Advisory
VDB Entry
https://yjz233.notion.site/edimax-IC-5150W-has-command-injection-vulnerability-in-ipcam_cgi-cc72c7b7e2f24ba6a6609b6fcf78df34
Permissions Required
https://yjz233.notion.site/edimax-IC-6220DC-has-command-injection-vulnerability-in-ipcam_cgi-2029d67721f2473b8cfce5e286a70307?pvs=4
Permissions Required

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:edimax:ic-6220dc_firmware:*:*:*:*:*:*:*:*

Версия до 3.06 (включая)

cpe:2.3:h:edimax:ic-6220dc:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:edimax:ic-5150w_firmware:*:*:*:*:*:*:*:*

Версия до 3.06 (включая)

cpe:2.3:h:edimax:ic-5150w:-:*:*:*:*:*:*:*

EPSS

Процентиль: 70%

0.00656

Низкий

5.5 Medium

CVSS3

9.8 Critical

CVSS3

5.2 Medium

CVSS2

Дефекты

CWE-77

Связанные уязвимости

GHSA-j4g2-xr64-8xmq

CVSS3: 5.5

github

больше 1 года назад

EPSS

Процентиль: 70%

0.00656

Низкий

5.5 Medium

CVSS3

9.8 Critical

CVSS3

5.2 Medium

CVSS2

Дефекты

CWE-77