6.3 Medium
AI Score
Confidence
Low
9.7 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:P/I:C/A:C
0.083 Low
EPSS
Percentile
94.4%
cgi-bin/rpcBridge in the web interface 1.1 on Broadcom Ltd PIPA C211 rev2 does not properly restrict access, which allows remote attackers to (1) obtain credentials and other sensitive information via a certain request to the config.getValuesHashExcludePaths method or (2) modify the firmware via unspecified vectors.
CPE | Name | Operator | Version |
---|---|---|---|
broadcom:pipa_c211_web_interface | broadcom pipa c211 web interface | eq | 1.1 |
broadcom:pipa_c211 | broadcom pipa c211 | eq | - |