CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-31575

In Config Manager, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210009; Issue ID: OSBNB00123234.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.025

EPSS Ranking 84.6%

CVSS Severity

CVSS v3 Score 9.8

References

Products affected by CVE-2021-31575

Mediatek » En7528 » Version: N/A

cpe:2.3:h:mediatek:en7528:-
Mediatek » En7580 » Version: N/A

cpe:2.3:h:mediatek:en7580:-
Mediatek » En7528 Firmware » Version: N/A

cpe:2.3:o:mediatek:en7528_firmware:-
Mediatek » En7528 Firmware » Version: tlm7.3.275.0-64

cpe:2.3:o:mediatek:en7528_firmware:tlm7.3.275.0-64
Mediatek » En7580 Firmware » Version: N/A

cpe:2.3:o:mediatek:en7580_firmware:-
Mediatek » En7580 Firmware » Version: tlm7.3.275.0-64

cpe:2.3:o:mediatek:en7580_firmware:tlm7.3.275.0-64

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-31575

Products

Pricing

Contact Us