VDB-220053 · CVE-2023-0658 · GCVE-100-220053

Multilaser RE057/RE170 2.1/2.2 Backup File /param.file.tgz Bayani fitowa

Wuro vulnerability wey an yi classify sey kura an gano shi a cikin Multilaser RE057 and RE170 2.1/2.2. Gaskiya, $software_function na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, /param.file.tgz na cikin fayil, Backup File Handler na cikin sashi. Ngam manipulation shi Bayani fitowa. CWE shidin ka a yi bayani matsala sai ya kai CWE-200. Gaskiya, laifi an fitar da shi 02/02/2023. Wannan rauni ana sayar da shi da suna CVE-2023-0658. Ngam yiɗi ka a tuma ndiyam ka nder internet. Tekinikal bayani ga. Kuma, exploit ɗin yana akwai. A sa'i, exploit might be approx. USD $0-$5k ndiyam. Á wúro huɗɗi-na-gaskiya. Kama 0-day, an ndiyam a wuro be $0-$5k. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

3 Goyarwa · 68 Datenpunkte

Furɗe	Súgá 02/02/2023 20:47	Gargadi 1/2 03/04/2023 08:37	Gargadi 2/2 03/04/2023 08:38
software_vendor	Multilaser	Multilaser	Multilaser
software_name	RE057/RE170	RE057/RE170	RE057/RE170
software_version	2.1/2.2	2.1/2.2	2.1/2.2
software_component	Backup File Handler	Backup File Handler	Backup File Handler
software_file	/param.file.tgz	/param.file.tgz	/param.file.tgz
vulnerability_cwe	CWE-200 (Bayani fitowa)	CWE-200 (Bayani fitowa)	CWE-200 (Bayani fitowa)
vulnerability_risk	2	2	2
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	N	N	N
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	L	L	L
cvss3_vuldb_i	N	N	N
cvss3_vuldb_a	N	N	N
cvss3_vuldb_e	P	P	P
cvss3_vuldb_rc	R	R	R
exploit_availability	1	1	1
source_cve	CVE-2023-0658	CVE-2023-0658	CVE-2023-0658
cna_responsible	VulDB	VulDB	VulDB
advisory_date	1675292400 (02/02/2023)	1675292400 (02/02/2023)	1675292400 (02/02/2023)
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	L	L	L
cvss2_vuldb_au	N	N	N
cvss2_vuldb_ci	P	P	P
cvss2_vuldb_ii	N	N	N
cvss2_vuldb_ai	N	N	N
cvss2_vuldb_e	POC	POC	POC
cvss2_vuldb_rc	UR	UR	UR
cvss2_vuldb_rl	ND	ND	ND
cvss3_vuldb_rl	X	X	X
cvss2_vuldb_basescore	5.0	5.0	5.0
cvss2_vuldb_tempscore	4.3	4.3	4.3
cvss3_vuldb_basescore	5.3	5.3	5.3
cvss3_vuldb_tempscore	4.8	4.8	4.8
cvss3_meta_basescore	5.3	5.3	6.0
cvss3_meta_tempscore	4.8	4.8	5.9
price_0day	$0-$5k	$0-$5k	$0-$5k
cve_assigned		1675292400 (02/02/2023)	1675292400 (02/02/2023)
cve_nvd_summary		A vulnerability, which was classified as critical, was found in Multilaser RE057 and RE170 2.1/2.2. This affects an unknown part of the file /param.file.tgz of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The identifier VDB-220053 was assigned to this vulnerability.	A vulnerability, which was classified as critical, was found in Multilaser RE057 and RE170 2.1/2.2. This affects an unknown part of the file /param.file.tgz of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The identifier VDB-220053 was assigned to this vulnerability.
cvss3_nvd_av			N
cvss3_nvd_ac			L
cvss3_nvd_pr			N
cvss3_nvd_ui			N
cvss3_nvd_s			U
cvss3_nvd_c			H
cvss3_nvd_i			N
cvss3_nvd_a			N
cvss2_nvd_av			N
cvss2_nvd_ac			L
cvss2_nvd_au			N
cvss2_nvd_ci			P
cvss2_nvd_ii			N
cvss2_nvd_ai			N
cvss3_cna_av			N
cvss3_cna_ac			L
cvss3_cna_pr			N
cvss3_cna_ui			N
cvss3_cna_s			U
cvss3_cna_c			L
cvss3_cna_i			N
cvss3_cna_a			N
cve_cna			VulDB
cvss2_nvd_basescore			5.0
cvss3_nvd_basescore			7.5
cvss3_cna_basescore			5.3

◂ Gurɗo Gumti Gada ▸

Do you know our Splunk app?

Download it now for free!