| عنوان | Raisecom MSG1200, MSG2100E, MSG2200, MSG2300 SoftwareVersion=3.90 Command Injection |
|---|
| الوصف | A command injection vulnerability has been identified in the RAISECOM Gateway devices, affecting models MSG1200, MSG2100E, MSG2200, and MSG2300. This vulnerability allows remote attackers to execute arbitrary commands on the system via the web interface. The issue resides in the list_base_config.php script, specifically via the template parameter, affecting over 25,112 devices on the Internet. |
|---|
| المصدر | ⚠️ https://netsecfish.notion.site/Command-Injection-Vulnerability-in-RAISECOM-Gateway-Devices-673bc7d2f8db499f9de7182d4706c707?pvs=4 |
|---|
| المستخدم | netsecfish (UID 64568) |
|---|
| ارسال | 25/07/2024 02:53 PM (2 سنوات منذ) |
|---|
| الاعتدال | 25/07/2024 08:53 PM (6 hours later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 272451 [Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 3.90 Web Interface list_base_config.php template تجاوز الصلاحيات] |
|---|
| النقاط | 17 |
|---|