CVE-2022-40266
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.1 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
51.9%
Improper Input Validation vulnerability in Mitsubishi Electric GOT2000 Series GT27 model FTP server versions 01.39.000 and prior, Mitsubishi Electric GOT2000 Series GT25 model FTP server versions 01.39.000 and prior and Mitsubishi Electric GOT2000 Series GT23 model FTP server versions 01.39.000 and prior allows a remote authenticated attacker to cause a Denial of Service condition by sending specially crafted command.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| mitsubishielectric:got2000_gt27_firmware | mitsubishielectric got2000 gt27 firmware | le | 01.39.000 |
CNA Affected
[
{
"product": "GOT2000 Series GT27 model",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "FTP server versions 01.39.000 and prior"
}
]
},
{
"product": "GOT2000 Series GT25 model",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "FTP server versions 01.39.000 and prior"
}
]
},
{
"product": "GOT2000 Series GT23 model",
"vendor": "Mitsubishi Electric",
"versions": [
{
"status": "affected",
"version": "FTP server versions 01.39.000 and prior"
}
]
}
]References
Social References
More
Related
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.1 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
51.9%