Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-36509

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-25 Aug, 2022 | 13:58
Updated At-17 Jun, 2025 | 19:21
Rejected At-
Credits

H3C GR3200 MiniGR1B0V100R014 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:25 Aug, 2022 | 13:58
Updated At:17 Jun, 2025 | 19:21
Rejected At:
▼CVE Numbering Authority (CNA)

H3C GR3200 MiniGR1B0V100R014 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/Darry-lang1/vuln/blob/main/H3C/GR3200/1/readme.md
x_refsource_MISC
Hyperlink: https://github.com/Darry-lang1/vuln/blob/main/H3C/GR3200/1/readme.md
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/Darry-lang1/vuln/blob/main/H3C/GR3200/1/readme.md
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/Darry-lang1/vuln/blob/main/H3C/GR3200/1/readme.md
Resource:
x_refsource_MISC
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-78CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Type: CWE
CWE ID: CWE-78
Description: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:25 Aug, 2022 | 14:15
Updated At:17 Jun, 2025 | 20:15

H3C GR3200 MiniGR1B0V100R014 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
New H3C Technologies Co., Ltd.
h3c
>>gr3200_firmware>>minigr1b0v100r014
cpe:2.3:o:h3c:gr3200_firmware:minigr1b0v100r014:*:*:*:*:*:*:*
New H3C Technologies Co., Ltd.
h3c
>>gr3200>>-
cpe:2.3:h:h3c:gr3200:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-78Primarynvd@nist.gov
CWE-78Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-78
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-78
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/Darry-lang1/vuln/blob/main/H3C/GR3200/1/readme.mdcve@mitre.org
Exploit
Third Party Advisory
https://github.com/Darry-lang1/vuln/blob/main/H3C/GR3200/1/readme.mdaf854a3a-2127-422b-91ae-364da2661108
Exploit
Third Party Advisory
Hyperlink: https://github.com/Darry-lang1/vuln/blob/main/H3C/GR3200/1/readme.md
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory
Hyperlink: https://github.com/Darry-lang1/vuln/blob/main/H3C/GR3200/1/readme.md
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

277Records found
CVE-2022-36510
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.36% / 79.36%
||
7 Day CHG+0.56%
Published-25 Aug, 2022 | 13:58
Updated-17 Jun, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C GR2200 MiniGR1A0V100R014 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-gr2200gr2200_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-36478
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.90%
||
7 Day CHG-0.07%
Published-25 Aug, 2022 | 13:54
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function Edit_BasicSSID.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-b5_minib5_mini_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36507
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 35.11%
||
7 Day CHG+0.02%
Published-25 Aug, 2022 | 13:58
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function AddWlanMacList.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37074
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.90%
||
7 Day CHG-0.08%
Published-25 Aug, 2022 | 14:00
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function switch_debug_info_set.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-gr-1200w_firmwaregr-120wn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36508
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 35.11%
||
7 Day CHG+0.02%
Published-25 Aug, 2022 | 13:58
Updated-17 Jun, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetAPInfoById.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plus_firmwaremagic_nx18_plusn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36472
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.90%
||
7 Day CHG-0.07%
Published-25 Aug, 2022 | 13:53
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetMobileAPInfoById.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-b5_minib5_mini_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36494
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.66%
||
7 Day CHG+0.01%
Published-25 Aug, 2022 | 13:55
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function edditactionlist.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36501
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 35.11%
||
7 Day CHG+0.02%
Published-25 Aug, 2022 | 13:56
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function UpdateSnat.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36495
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.66%
||
7 Day CHG+0.01%
Published-25 Aug, 2022 | 13:56
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function addactionlist.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36505
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 35.11%
||
7 Day CHG+0.02%
Published-25 Aug, 2022 | 13:58
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EDitusergroup.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36475
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.90%
||
7 Day CHG-0.07%
Published-25 Aug, 2022 | 13:54
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function AddMacList.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-b5_minib5_mini_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36471
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.90%
||
7 Day CHG-0.07%
Published-25 Aug, 2022 | 13:53
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetMacAccessMode.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-b5_minib5_mini_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36474
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.90%
||
7 Day CHG-0.07%
Published-25 Aug, 2022 | 13:54
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function WlanWpsSet.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-b5_minib5_mini_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36497
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.66%
||
7 Day CHG+0.01%
Published-25 Aug, 2022 | 13:56
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function Edit_BasicSSID_5G.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36504
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 35.11%
||
7 Day CHG+0.02%
Published-25 Aug, 2022 | 13:58
Updated-17 Jun, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function Edit_BasicSSID.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plus_firmwaremagic_nx18_plusn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36502
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 35.11%
||
7 Day CHG+0.02%
Published-25 Aug, 2022 | 13:58
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function UpdateWanParams.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36496
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.66%
||
7 Day CHG+0.01%
Published-25 Aug, 2022 | 13:56
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetMobileAPInfoById.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36468
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.90%
||
7 Day CHG-0.07%
Published-25 Aug, 2022 | 13:53
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function Asp_SetTimingtimeWifiAndLed.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-b5_minib5_mini_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36470
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.66%
||
7 Day CHG+0.01%
Published-25 Aug, 2022 | 13:53
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetAP5GWifiById.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-b5_minib5_mini_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36490
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.66%
||
7 Day CHG+0.01%
Published-25 Aug, 2022 | 13:55
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EditMacList.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36491
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.66%
||
7 Day CHG+0.01%
Published-25 Aug, 2022 | 13:55
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function UpdateIpv6Params.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36500
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.66%
||
7 Day CHG+0.01%
Published-25 Aug, 2022 | 13:56
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EditWlanMacList.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36489
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.66%
||
7 Day CHG+0.01%
Published-25 Aug, 2022 | 13:55
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EnableIpv6.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36503
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.66%
||
7 Day CHG-0.01%
Published-25 Aug, 2022 | 13:58
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function UpdateMacClone.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36469
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.90%
||
7 Day CHG-0.07%
Published-25 Aug, 2022 | 13:53
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetAPWifiorLedInfoById.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-b5_minib5_mini_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36498
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.66%
||
7 Day CHG+0.01%
Published-25 Aug, 2022 | 13:56
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function Asp_SetTimingtimeWifiAndLed.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36499
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.66%
||
7 Day CHG+0.01%
Published-25 Aug, 2022 | 13:58
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function DEleteusergroup.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36506
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.11% / 30.81%
||
7 Day CHG-0.01%
Published-25 Aug, 2022 | 13:58
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetMacAccessMode.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36477
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.90%
||
7 Day CHG-0.07%
Published-25 Aug, 2022 | 13:54
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function AddWlanMacList.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-b5_minib5_mini_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36493
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.66%
||
7 Day CHG+0.01%
Published-25 Aug, 2022 | 13:55
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetAPWifiorLedInfoById.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36473
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.90%
||
7 Day CHG-0.07%
Published-25 Aug, 2022 | 13:54
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function Edit_BasicSSID_5G.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-b5_minib5_mini_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36492
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.66%
||
7 Day CHG+0.01%
Published-25 Aug, 2022 | 13:56
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function AddMacList.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36467
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.90%
||
7 Day CHG-0.07%
Published-25 Aug, 2022 | 13:53
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function EditMacList.d.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-b5_minib5_mini_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37070
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-15.11% / 94.32%
||
7 Day CHG+10.73%
Published-25 Aug, 2022 | 14:00
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-gr-1200w_firmwaregr-1200wn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-57014
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-2.73% / 85.37%
||
7 Day CHG~0.00%
Published-15 Jan, 2025 | 00:00
Updated-18 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "recHour" parameter in setScheduleCfg.

Action-Not Available
Vendor-n/aTOTOLINK
Product-x5000rx5000r_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-7383
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.41% / 60.56%
||
7 Day CHG~0.00%
Published-17 Mar, 2019 | 19:04
Updated-04 Aug, 2024 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Systrome Cumilon ISG-600C, ISG-600H, and ISG-800W devices with firmware V1.1-R2.1_TRUNK-20181105.bin. A shell command injection occurs by editing the description of an ISP file. The file network/isp/isp_update_edit.php does not properly validate user input, which leads to shell command injection via the des parameter.

Action-Not Available
Vendor-systromen/a
Product-cumilon_isg-800w_firmwarecumilon_isg-600h_firmwarecumilon_isg-600c_firmwarecumilon_isg-800wcumilon_isg-600hcumilon_isg-600cn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-5167
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.8||HIGH
EPSS-0.58% / 67.86%
||
7 Day CHG~0.00%
Published-10 Mar, 2020 | 22:25
Updated-04 Aug, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.02(14). At 0x1e3f0 the extracted dns value from the xml file is used as an argument to /etc/config-tools/edit_dns_server %s dns-server-nr=%d dns-server-name=<contents of dns node> using sprintf(). This command is later executed via a call to system(). This is done in a loop and there is no limit to how many dns entries will be parsed from the xml file.

Action-Not Available
Vendor-wagoWago
Product-pfc_200pfc200_firmwareWAGO PFC200 Firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-7690
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.16% / 37.09%
||
7 Day CHG~0.00%
Published-14 Apr, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Proxifier for Mac before 2.19.2, when first run, allows local users to gain privileges by replacing the KLoader binary with a Trojan horse program.

Action-Not Available
Vendor-proxifiern/a
Product-proxifiern/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-53899
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-1.00% / 76.06%
||
7 Day CHG~0.00%
Published-24 Nov, 2024 | 00:00
Updated-10 Feb, 2025 | 18:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287.

Action-Not Available
Vendor-virtualenvn/avirtualenv
Product-virtualenvn/avirtualenv
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-53256
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.8||HIGH
EPSS-0.38% / 58.45%
||
7 Day CHG~0.00%
Published-23 Dec, 2024 | 15:17
Updated-24 Dec, 2024 | 01:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rizin has a command injection via RzBinInfo bclass due legacy code

Rizin is a UNIX-like reverse engineering framework and command-line toolset. `rizin.c` still had an old snippet of code which suffered a command injection due the usage of `rz_core_cmdf` to invoke the command `m` which was removed in v0.1.x. A malicious binary defining `bclass` (part of RzBinInfo) is executed if `rclass` (part of RzBinInfo) is set to `fs`; the vulnerability can be exploited by any bin format where `bclass` and `rclass` are user defined. This vulnerability is fixed in 0.7.4.

Action-Not Available
Vendor-rizinorg
Product-rizin
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-45602
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.15% / 36.85%
||
7 Day CHG~0.00%
Published-26 Dec, 2021 | 00:38
Updated-04 Aug, 2024 | 04:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.66, EX2700 before 1.0.1.68, WN3000RPv2 before 1.0.0.90, WN3000RPv3 before 1.0.2.100, LBR1020 before 2.6.5.20, LBR20 before 2.6.5.32, R6700AX before 1.0.10.110, R7800 before 1.0.2.86, R8900 before 1.0.5.38, R9000 before 1.0.5.38, RAX10 before 1.0.10.110, RAX120v1 before 1.2.3.28, RAX120v2 before 1.2.3.28, RAX70 before 1.0.10.110, RAX78 before 1.0.10.110, XR450 before 2.3.2.130, XR500 before 2.3.2.130, and XR700 before 1.0.1.46.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-rax70wn3000rpv2rax120v1r8900_firmwared7800r6700axrax120v2_firmwarewn3000rpv3rax78rax70_firmwarexr500_firmwarexr700_firmwarexr450_firmwarerax10_firmwarexr500rax10rax120v2d7800_firmwarewn3000rpv3_firmwarer8900r9000_firmwarewn3000rpv2_firmwarerax120v1_firmwarerax78_firmwarelbr1020_firmwareex2700r9000r7800ex2700_firmwarelbr20r7800_firmwarelbr20_firmwarelbr1020xr450xr700r6700ax_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-5072
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.8||HIGH
EPSS-0.59% / 68.23%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 16:16
Updated-04 Aug, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the DNS2 post parameters, resulting in code execution. An attacker can send HTTP POST request with command to trigger this vulnerability.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac1200_smart_dual-band_gigabit_wifiac9v1.0_firmwareTenda AC9
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-49565
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-0.03% / 5.82%
||
7 Day CHG-0.03%
Published-28 Mar, 2025 | 01:28
Updated-08 Jul, 2025 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.

Action-Not Available
Vendor-Dell Inc.
Product-unity_operating_environmentUnity
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-5174
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.8||HIGH
EPSS-0.35% / 56.71%
||
7 Day CHG~0.00%
Published-11 Mar, 2020 | 22:25
Updated-04 Aug, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially crafted packet to trigger the parsing of this cache file.At 0x1e9fc the extracted subnetmask value from the xml file is used as an argument to /etc/config-tools/config_interfaces interface=X1 state=enabled subnet-mask=<contents of subnetmask node> using sprintf(). This command is later executed via a call to system().

Action-Not Available
Vendor-wagoWago
Product-pfc200pfc200_firmwareWAGO PFC200 Firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-45242
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.12%
||
7 Day CHG~0.00%
Published-24 Oct, 2024 | 00:00
Updated-28 Oct, 2024 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

EnGenius ENH1350EXT A8J-ENH1350EXT devices through 3.9.3.2_c1.9.51 allow (blind) OS Command Injection via shell metacharacters to the Ping or Speed Test utility. During the time of initial setup, the device creates an open unsecured network whose admin panel is configured with the default credentials of admin/admin. An unauthorized attacker in proximity to the Wi-Fi network can exploit this window of time to execute arbitrary OS commands with root-level permissions.

Action-Not Available
Vendor-n/aengeniustech
Product-n/aenh1350ext_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-5173
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.8||HIGH
EPSS-0.35% / 56.71%
||
7 Day CHG~0.00%
Published-11 Mar, 2020 | 22:18
Updated-04 Aug, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1e9fc the extracted state value from the xml file is used as an argument to /etc/config-tools/config_interfaces interface=X1 state=<contents of state node> using sprintf(). This command is later executed via a call to system().

Action-Not Available
Vendor-wagoWago
Product-pfc200pfc200_firmwareWAGO PFC200
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-41016
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-7.8||HIGH
EPSS-0.81% / 73.22%
||
7 Day CHG~0.00%
Published-02 Feb, 2022 | 10:58
Updated-25 Oct, 2024 | 13:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A improper neutralization of special elements used in a command ('command injection') in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters

Action-Not Available
Vendor-n/aFortinet, Inc.
Product-fortiextender_firmwarefortiextendern/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-5175
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.8||HIGH
EPSS-0.35% / 56.71%
||
7 Day CHG~0.00%
Published-11 Mar, 2020 | 22:25
Updated-04 Aug, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially crafted packet to trigger the parsing of this cache file.At 0x1ea28 the extracted type value from the xml file is used as an argument to /etc/config-tools/config_interfaces interface=X1 state=enabled config-type=<contents of type node> using sprintf(). This command is later executed via a call to system().

Action-Not Available
Vendor-wagoWago
Product-pfc200pfc200_firmwareWAGO PFC200
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-5071
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.8||HIGH
EPSS-0.43% / 62.00%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 16:15
Updated-04 Aug, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the DNS1 post parameters, resulting in code execution. An attacker can send HTTP POST request with command to trigger this vulnerability.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac1200_smart_dual-band_gigabit_wifiac9v1.0_firmwareTenda AC9
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-5169
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.8||HIGH
EPSS-0.31% / 53.90%
||
7 Day CHG~0.00%
Published-11 Mar, 2020 | 23:17
Updated-04 Aug, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1e900 the extracted gateway value from the xml file is used as an argument to /etc/config-tools/config_default_gateway number=0 state=enabled value=<contents of gateway node> using sprintf(). This command is later executed via a call to system().

Action-Not Available
Vendor-wagoWago
Product-pfc200pfc200_firmwareWAGO PFC200
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found