Описание
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an execution with unnecessary privileges vulnerability in sync_project.sh that allows an attacker to escalate privileges to root. Ilevia has declined to service this vulnerability, and recommends that customers not expose port 8080 to the internet.
Уязвимые конфигурации
Конфигурация 1Версия до 4.7.18.0 (включая)
Одновременно
cpe:2.3:o:ilevia:eve_x1_server_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ilevia:eve_x1_server:-:*:*:*:*:*:*:*
EPSS
Процентиль: 32%
0.00125
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-250
Связанные уязвимости
CVSS3: 9.8
github
4 месяца назад
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an execution with unnecessary privileges vulnerability in sync_project.sh that allows an attacker to escalate privileges to root. Ilevia has declined to service this vulnerability, and recommends that customers not expose port 8080 to the internet.
EPSS
Процентиль: 32%
0.00125
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-250