How severe is CVE-2019-13025?

CVE-2019-13025 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2019-13025

Name: ch7465lg
Author: compal

9.8CRITICAL

Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. The attacker can send a maliciously modified POST (HTTP) request containin

Published: 10/2/2019Updated: 11/21/2024

Description

Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. The attacker can send a maliciously modified POST (HTTP) request containing shell commands, which will be executed on the device, to an backend API endpoint of the cable modem.

AI AnalysisPowered by AI

Affected Products

compalch7465lg_firmware

ch7465lg-ncip-6.12.18.24-5p8-nosh

compalch7465lg

References

https://xitan.me/posts/connect-box-ch7465lg-rce/
ExploitThird Party Advisory
https://xitan.me/posts/connect-box-ch7465lg-rce/
ExploitThird Party Advisory