CGE
by Chtsecurity
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-22858 | Hig | 0.57 | 8.8 | 0.01 | Feb 17, 2021 | Attackers can access the CGE account management function without privilege for permission elevation and execute arbitrary commands or files after obtaining user permissions. | ||
| CVE-2021-22857 | Hig | 0.49 | 7.5 | 0.02 | Feb 17, 2021 | The CGE page with download function contains a Directory Traversal vulnerability. Attackers can use this loophole to download system files arbitrarily. |
- risk 0.57cvss 8.8epss 0.01
Attackers can access the CGE account management function without privilege for permission elevation and execute arbitrary commands or files after obtaining user permissions.
- risk 0.49cvss 7.5epss 0.02
The CGE page with download function contains a Directory Traversal vulnerability. Attackers can use this loophole to download system files arbitrarily.