Описание
A high privileged remote attacker can execute arbitrary system commands via GET requests in the cloud server communication script due to improper neutralization of special elements used in an OS command.
Ссылки
- Vendor Advisory
- Mailing List
Уязвимые конфигурации
Конфигурация 1Версия до 2.3.3 (исключая)
Одновременно
cpe:2.3:o:mbconnectline:mbnet.mini_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mbconnectline:mbnet.mini:-:*:*:*:*:*:*:*
EPSS
Процентиль: 34%
0.00134
Низкий
7.2 High
CVSS3
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 7.2
github
7 месяцев назад
A high privileged remote attacker can execute arbitrary system commands via GET requests in the cloud server communication script due to improper neutralization of special elements used in an OS command.
EPSS
Процентиль: 34%
0.00134
Низкий
7.2 High
CVSS3
Дефекты
CWE-78