Описание
Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes and system services through a hidden feature, potentially causing service disruption and requiring device restart.
Затрагиваемое ПО
Microhardcorp Ipn4g firmwareMicrohardcorp Ipn4gMicrohardcorp Ipn3gb firmwareMicrohardcorp Ipn3gbMicrohardcorp Ipn4gb firmwareMicrohardcorp Ipn4gbMicrohardcorp Bullet-3g firmwareMicrohardcorp Bullet-3gMicrohardcorp Vip4gb firmwareMicrohardcorp Vip4gbMicrohardcorp Vip4gb wifi-n firmwareMicrohardcorp Vip4gb wifi-nMicrohardcorp Bullet-lte firmwareMicrohardcorp Bullet-lteMicrohardcorp Ipn3gii firmwareMicrohardcorp Ipn3giiMicrohardcorp Ipn4gii firmwareMicrohardcorp Ipn4giiMicrohardcorp Bulletplus firmwareMicrohardcorp BulletplusMicrohardcorp Dragon-lte firmwareMicrohardcorp Dragon-lte
CVSS
| Балл | 8.1 — высокая |
| Вектор | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
Источники
http://www.microhardcorp.comhttps://www.exploit-db.com/exploits/45035https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5481.phphttps://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5481.php