Описание
Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interface, allowing remote attackers with regular privilege to log in with this credential and obtain a Linux root shell.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.305b240802 (исключая)
Одновременно
cpe:2.3:o:planet:gs-4210-24p2s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:planet:gs-4210-24p2s:3.0:*:*:*:*:*:*:*
Конфигурация 2Версия до 2.305b240719 (исключая)
Одновременно
cpe:2.3:o:planet:gs-4210-24pl4c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:planet:gs-4210-24pl4c:2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 76%
0.0095
Низкий
8.8 High
CVSS3
Дефекты
CWE-798
Связанные уязвимости
CVSS3: 8.8
github
больше 1 года назад
Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interface, allowing remote attackers with regular privilege to log in with this credential and obtain a Linux root shell.
EPSS
Процентиль: 76%
0.0095
Низкий
8.8 High
CVSS3
Дефекты
CWE-798