Lucene search
HistoryOct 07, 2014 - 2:55 p.m.
CVE-2014-6433
gopro hero 3+
gpexec
remote file execution
cve-2014-6433
nvd
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.6 High
AI Score
Confidence
Low
0.65 Medium
EPSS
Percentile
97.9%
gpExec in GoPro HERO 3+ allows remote attackers to execute arbitrary files via a the (1) a1 or (2) a2 parameter in a start action.
Affected configurations
Node
goprogopro_hero_firmwareMatch3\+
goprogopro_heroMatch3\+
| CPE | Name | Operator | Version |
|---|---|---|---|
| gopro:gopro_hero_firmware | gopro gopro hero firmware | eq | 3+ |
| gopro:gopro_hero | gopro gopro hero | eq | 3+ |
Related
prion
prion
Information disclosure
2014-10-07 14:55:00
zdi
zdi
(0Day) GoPro HERO 3+ gpExec start Remote Code Execution Vulnerability
2014-10-02 00:00:00
nvd
nvd
CVE-2014-6433
2014-10-07 14:55:06
cvelist
cvelist
CVE-2014-6433
2014-10-07 14:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.6 High
AI Score
Confidence
Low
0.65 Medium
EPSS
Percentile
97.9%
Related for CVE-2014-6433