admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-258xx/CVE-2024-25852.json
cad-safe-bot bf480619fe Auto-Update: 2024-08-14T22:00:18.003598+00:00
2024-08-14 22:03:14 +00:00

64 lines
2.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-25852",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-11T21:15:07.980",
"lastModified": "2024-08-14T20:35:06.957",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Linksys RE7000 v2.0.9, v2.0.11, and v2.0.15 have a command execution vulnerability in the \"AccessControlList\" parameter of the access control function point. An attacker can use the vulnerability to obtain device administrator rights."
},
{
"lang": "es",
"value": "Linksys RE7000 v2.0.9, v2.0.11 y v2.0.15 tienen una vulnerabilidad de ejecuci\u00f3n de comandos en el par\u00e1metro \"AccessControlList\" del punto de funci\u00f3n de control de acceso. Un atacante puede utilizar la vulnerabilidad para obtener derechos de administrador del dispositivo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://github.com/ZackSecurity/VulnerReport/blob/cve/Linksys/1.md",
"source": "cve@mitre.org"
},
{
"url": "https://immense-mirror-b42.notion.site/Linksys-RE7000-command-injection-vulnerability-c1a47abf5e8d4dd0934d20d77da930bd",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink