CVE-2020-25036

Sažetak

UCOPIA Wi-Fi appliances 6.0.5 allow authenticated remote attackers to escape the restricted administration shell CLI, and access a shell with admin user rights, via an unprotected less command.

Reference

https://blog.globadis.com/blog/ucopia-v6-multiple-cves-root/
https://ucopia.com/en/solutions/product-line-wifi/

CVSS

Base:	9.0
Impact:	10.0
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Zadnje važnije ažuriranje

04-02-2021 - 19:33

Objavljeno

02-02-2021 - 06:15