Lucene search
HistoryOct 07, 2014 - 2:55 p.m.
CVE-2014-6434
cve-2014-6434
gopro hero 3+
remote code execution
gpexec
nvd
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.8 High
AI Score
Confidence
Low
0.135 Low
EPSS
Percentile
95.7%
gpExec in GoPro HERO 3+ allows remote attackers to execute arbitrary commands via a the (1) a1 or (2) a2 parameter in a restart action.
Affected configurations
Node
goprogopro_hero_firmwareMatch3\+
goprogopro_heroMatch3\+
| CPE | Name | Operator | Version |
|---|---|---|---|
| gopro:gopro_hero_firmware | gopro gopro hero firmware | eq | 3+ |
| gopro:gopro_hero | gopro gopro hero | eq | 3+ |
Related
cvelist
cvelist
CVE-2014-6434
2014-10-07 14:00:00
nvd
nvd
CVE-2014-6434
2014-10-07 14:55:06
zdi
zdi
(0Day) GoPro HERO 3+ gpExec restart Remote Code Execution Vulnerability
2014-10-02 00:00:00
prion
prion
Deserialization of untrusted data
2014-10-07 14:55:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.8 High
AI Score
Confidence
Low
0.135 Low
EPSS
Percentile
95.7%
Related for CVE-2014-6434