ГлавнаяУязвимости → CVE-2024-3659
7.2высокая

CVE-2024-3659

Описание

Firmware in KAON AR2140 routers, prior to versions 3.2.50 and 4.2.16, is vulnerable to a shell command injection via sending a crafted request to one of the endpoints. In order to exploit this vulnerability, one has to have access to the administrative portal of the router.

Затрагиваемое ПО
Kaongroup Ar2140 firmwareKaongroup Ar2140
CVSS
Балл7.2 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Источники
https://cert.pl/en/posts/2024/08/CVE-2024-3659https://cert.pl/posts/2024/08/CVE-2024-3659