VITEC Exterity IPTV products through 2021-04-30 allow privilege escalation to root.
References
Link | Resource |
---|---|
https://whitehoodhacker.net/posts/2021-10-04-the-big-rick | Exploit Third Party Advisory |
https://www.exterity.com | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
History
12 Jul 2022, 17:42
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-1188 |
19 Oct 2021, 14:02
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-269 | |
References | (MISC) https://www.exterity.com - Vendor Advisory | |
References | (MISC) https://whitehoodhacker.net/posts/2021-10-04-the-big-rick - Exploit, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 10.0
v3 : 9.8 |
CPE | cpe:2.3:o:vitec:avediastream_m9405_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:vitec:avediastream_r9350:-:*:*:*:*:*:*:* cpe:2.3:h:vitec:avediastream_m9605:-:*:*:*:*:*:*:* cpe:2.3:o:vitec:avediastream_r9350_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:vitec:avediastream_r9310:-:*:*:*:*:*:*:* cpe:2.3:h:vitec:avediastream_m9400:-:*:*:*:*:*:*:* cpe:2.3:o:vitec:avediastream_r9310_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:vitec:exterity_avediastream_encoders:-:*:*:*:*:*:*:* cpe:2.3:h:vitec:avediastream_r9300:-:*:*:*:*:*:*:* cpe:2.3:o:vitec:avediastream_m9605_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:vitec:avediastream_m9325:-:*:*:*:*:*:*:* cpe:2.3:h:vitec:avediastream_m9305:-:*:*:*:*:*:*:* cpe:2.3:o:vitec:exterity_avediastream_encoders_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:vitec:avediastream_m9405:-:*:*:*:*:*:*:* cpe:2.3:o:vitec:avediastream_m9325_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:vitec:exterity_avediaserver:*:*:*:*:*:*:*:* cpe:2.3:o:vitec:avediastream_m9305_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vitec:avediastream_m9400_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:vitec:avediastream_r9300_firmware:*:*:*:*:*:*:*:* |
08 Oct 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-10-08 18:15
Updated : 2024-02-04 22:08
NVD link : CVE-2021-42109
Mitre link : CVE-2021-42109
CVE.ORG link : CVE-2021-42109
JSON object : View
Products Affected
vitec
- avediastream_m9305
- avediastream_m9325_firmware
- avediastream_m9405
- exterity_avediaserver
- avediastream_m9605
- avediastream_r9350
- avediastream_m9400_firmware
- avediastream_m9325
- avediastream_m9605_firmware
- avediastream_r9350_firmware
- avediastream_m9405_firmware
- avediastream_r9300_firmware
- avediastream_r9300
- avediastream_r9310_firmware
- avediastream_r9310
- exterity_avediastream_encoders
- avediastream_m9305_firmware
- avediastream_m9400
- exterity_avediastream_encoders_firmware
CWE
CWE-1188
Insecure Default Initialization of Resource