Количество 3
Количество 3
CVE-2023-31446
In Cassia Gateway firmware XC1000_2.1.1.2303082218 and XC2000_2.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. This leads to injecting Bash code and executing it with root privileges on device startup.
GHSA-89ph-wr9x-hcfc
In Cassia Gateway firmware XC1000_2.1.1.2303082218 and XC2000_2.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. This leads to injecting Bash code and executing it with root privileges on device startup.
BDU:2024-00268
Уязвимость корпоративного Bluetooth-шлюза Cassia X1000, позволяющая нарушителю выполнить произвольный код
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-31446 In Cassia Gateway firmware XC1000_2.1.1.2303082218 and XC2000_2.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. This leads to injecting Bash code and executing it with root privileges on device startup. | CVSS3: 9.8 | 93% Критический | около 2 лет назад |
| GHSA-89ph-wr9x-hcfc In Cassia Gateway firmware XC1000_2.1.1.2303082218 and XC2000_2.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. This leads to injecting Bash code and executing it with root privileges on device startup. | CVSS3: 9.8 | 93% Критический | около 2 лет назад |
 | BDU:2024-00268 Уязвимость корпоративного Bluetooth-шлюза Cassia X1000, позволяющая нарушителю выполнить произвольный код | CVSS3: 8 | 93% Критический | около 2 лет назад |
Уязвимостей на страницу