Описание
Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable 'ate' (a remote system management binary) by sending a /goform/ate web request.
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:tenda:rx2_pro_firmware:16.03.30.14:*:*:*:*:*:*:*
cpe:2.3:h:tenda:rx2_pro:-:*:*:*:*:*:*:*
EPSS
Процентиль: 23%
0.00075
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-287
Связанные уязвимости
CVSS3: 6.5
github
9 месяцев назад
Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable 'ate' (a remote system management binary) by sending a /goform/ate web request.
EPSS
Процентиль: 23%
0.00075
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-287