Description

VITEC Exterity IPTV products through 2021-04-30 allow privilege escalation to root.

Related CPE's

a

vitec

exterity_avediaserver

Vulnerable

o

vitec

exterity_avediastream_encoders_firmware

Vulnerable

h

vitec

exterity_avediastream_encoders

-

o

vitec

avediastream_m9605_firmware

Vulnerable

h

vitec

avediastream_m9605

-

o

vitec

avediastream_m9400_firmware

Vulnerable

h

vitec

avediastream_m9400

-

o

vitec

avediastream_m9405_firmware

Vulnerable

h

vitec

avediastream_m9405

-

o

vitec

avediastream_m9305_firmware

Vulnerable

h

vitec

avediastream_m9305

-

o

vitec

avediastream_r9300_firmware

Vulnerable

h

vitec

avediastream_r9300

-

o

vitec

avediastream_r9310_firmware

Vulnerable

h

vitec

avediastream_r9310

-

o

vitec

avediastream_m9325_firmware

Vulnerable

h

vitec

avediastream_m9325

-

o

vitec

avediastream_r9350_firmware

Vulnerable

h

vitec

avediastream_r9350

-

References

https://whitehoodhacker.net/posts/2021-10-04-the-big-rick

ExploitThird Party Advisory

https://www.exterity.com

Vendor Advisory

https://whitehoodhacker.net/posts/2021-10-04-the-big-rick

ExploitThird Party Advisory

https://www.exterity.com

Vendor Advisory

Weaknesses

[email protected]

Primary
CWE-1188

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 · Critical

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2021-10-08T16:15:07.757Z

4 years ago

Last modified

2024-11-21T05:27:16.600Z

1 year ago