PRION:CVE-2021-38703
History: Sep 01, 2021 - 12:15 p.m.

Design/Logic Flaw

2021-09-01 12:15:00
PRIOn knowledge base
www.prio-n.com

AI Score: 8.3
Confidence: High
EPSS: 0.975
Percentile: 100.0%

Wireless devices running certain Arcadyan-derived firmware (such as KPN Experia WiFi 1.00.15) do not properly sanitise user input to the syslog configuration form. An authenticated remote attacker could leverage this to alter the device configuration and achieve remote code execution. This can be exploited in conjunction with CVE-2021-20090.

CPE
Name                   Operator  Version
experia_wifi_firmware  eq        1.00.15