7.5
CVE-2019-3404
- EPSS 0.23%
- Published 04.03.2020 14:15:10
- Last modified 21.11.2024 04:42:02
- Source security@360.cn
- Teams watchlist Login
- Open Login
By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C.
Data is provided by the National Vulnerability Database (NVD)
360 ≫ P0 Router Firmware Version3.1.1.65150
360 ≫ F5c Router Firmware Version3.1.1.65150
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.422 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|