How severe is CVE-2019-13025?

CVE-2019-13025 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2019-13025

Name: ch7465lg
Author: compal

9.8CRITICAL

Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. The attacker can send a maliciously modified POST (HTTP) request containin

Publicado: 10/2/2019Actualizado: 11/21/2024

Descripción

Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. The attacker can send a maliciously modified POST (HTTP) request containing shell commands, which will be executed on the device, to an backend API endpoint of the cable modem.

Análisis IAImpulsado por IA

Productos Afectados

compalch7465lg_firmware

ch7465lg-ncip-6.12.18.24-5p8-nosh

compalch7465lg

Referencias

https://xitan.me/posts/connect-box-ch7465lg-rce/
ExploitThird Party Advisory
https://xitan.me/posts/connect-box-ch7465lg-rce/
ExploitThird Party Advisory