6.8 Medium
AI Score
Confidence
Low
9.7 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:P/I:C/A:C
0.066 Low
EPSS
Percentile
93.6%
cgi-bin/rpcBridge in the web interface 1.1 on Broadcom Ltd PIPA C211 rev2 does not properly restrict access, which allows remote attackers to (1) obtain credentials and other sensitive information via a certain request to the config.getValuesHashExcludePaths method or (2) modify the firmware via unspecified vectors.
CPE | Name | Operator | Version |
---|---|---|---|
pipa_c211 | eq | - rev2 | |
pipa_c211_web_interface | eq | 1.1 |