7.5 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
49.2%
A broken access control vulnerability found in Advan VD-1 firmware versions up to 230. An attacker can send a POST request to cgibin/ApkUpload.cgi to install arbitrary APK without any authentication.
surl.twcert.org.tw/hVut7
gist.github.com/keniver/f5155b42eb278ec0273b83565b64235b
tvn.twcert.org.tw/taiwanvn/TVN-201906007