Zurück zur CVE-Übersicht
CVE-2014-2321
CRITICAL(10.0)AV:N/AC:L/Au:N/C:C/I:C/A:C
Risk Signal Score53/100 — HOCH
- CVSS 10 — Kritisch
- EPSS 92% — sehr wahrscheinlich ausgenutzt
EPSS-Score
92%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
10
Technische Schwere
Beschreibung
web_shell_cmd.gch on ZTE F460 and F660 cable modems allows remote attackers to obtain administrative access via sendcmd requests, as demonstrated by using "set TelnetCfg" commands to enable a TELNET service with specified credentials.
Referenzen
- http://www.kb.cert.org/vuls/id/600724
- http://www.myxzy.com/post-411.html
- https://community.rapid7.com/community/infosec/blog/2014/03/03/disclosure-r7-201...
- http://www.kb.cert.org/vuls/id/600724
- http://www.myxzy.com/post-411.html
- https://community.rapid7.com/community/infosec/blog/2014/03/03/disclosure-r7-201...