Lucene search

PRIOn knowledge basePRION:CVE-2013-2580

HistoryOct 11, 2013 - 9:55 p.m.

Unrestricted file upload

2013-10-1121:55:00

PRIOn knowledge base

www.prio-n.com

7.4 High

AI Score

Confidence

Low

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:C/A:N

0.001 Low

EPSS

Percentile

48.6%

JSON

Unrestricted file upload vulnerability in cgi-bin/uploadfile in TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12_sign6, allows remote attackers to upload arbitrary files, then accessing it via a direct request to the file in the mnt/mtd directory.

CPENameOperatorVersion
lm_firmwareeq<= 1.6.18p12-sign5

CPE	Name	Operator	Version
	lm_firmware	eq	<= 1.6.18p12-sign5

References

www.coresecurity.com/advisories/multiple-vulnerabilities-tp-link-tl-sc3171-ip-cameras

7.4 High

AI Score

Confidence

Low

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:C/A:N

0.001 Low

EPSS

Percentile

48.6%

JSON

Related for PRION:CVE-2013-2580