An unused function in MicroServer can start a reverse SSH connection to a vendor registered domain, without mutual authentication. An attacker on the local network with admin access to the web server, and the ability to manipulate DNS responses, can redirect the SSH connection to an attacker controlled device.
oryginał ENCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XColumbiaweather Weather Microserver
HWColumbiaweatherwszystkie wersjeColumbiaweather Weather Microserver Firmware
OSColumbiaweather< MS_4.1_14142
Powiązane podatności
An unused webshell in MicroServer allows unlimited login attempts, with sudo rights on certain files and direc...
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, an authenticated web user can access an alter...
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, the BACnet daemon does not properly validate ...
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, an authenticated web user can pipe commands d...
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, a readouts_rd.php directory traversal issue m...