CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
51.9%
In wlan service, there is a possible command injection due to improper input validation. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00244189; Issue ID: WCNCR00244189.
Vendor | Product | Version | CPE |
---|---|---|---|
openwrt | openwrt | 19.07.0 | cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:* |
openwrt | openwrt | 21.02.0 | cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:* |
mediatek | mt6890 | - | cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:* |
mediatek | mt7603 | - | cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:* |
mediatek | mt7612 | - | cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:* |
mediatek | mt7613 | - | cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:* |
mediatek | mt7615 | - | cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:* |
mediatek | mt7622 | - | cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:* |
mediatek | mt7626 | - | cpe:2.3:h:mediatek:mt7626:-:*:*:*:*:*:*:* |
mediatek | mt7629 | - | cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:* |