Lucene search

PRIOn knowledge basePRION:CVE-2014-8387

HistoryNov 20, 2014 - 1:55 p.m.

Code injection

2014-11-2013:55:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.025 Low

EPSS

Percentile

89.9%

JSON

cgi/utility.cgi in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point allows remote authenticated users to execute arbitrary commands via shell metacharacters in the pinghost parameter to ping.cgi.

CPENameOperatorVersion
eki-6340_firmwareeq2.05

CPE	Name	Operator	Version
	eki-6340_firmware	eq	2.05

References

seclists.org/fulldisclosure/2014/Nov/58

www.coresecurity.com/advisories/advantech-eki-6340-command-injection

www.securityfocus.com/archive/1/534021/100/0/threaded

www.securityfocus.com/bid/71192

7.6 High

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.025 Low

EPSS

Percentile

89.9%

JSON

Related for PRION:CVE-2014-8387