CVE-2024-28041

2024-03-2504:15:08

[email protected]

web.nvd.nist.gov

hgw

bl1500hm

command execution

vulnerability

network-adjacent

unauthenticated

nvd

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

HGW BL1500HM Ver 002.001.013 and earlier allows a network-adjacent unauthenticated attacker to execute an arbitrary command.

Affected configurations

Vulners

Node

kddi_corporationhgw_bl1500hmMatch002.001.013

CNA Affected

[
  {
    "vendor": "KDDI CORPORATION",
    "product": "HGW BL1500HM",
    "versions": [
      {
        "version": "Ver 002.001.013 and earlier",
        "status": "affected"
      }
    ]
  }
]

References

jvn.jp/en/vu/JVNVU93546510/

www.au.com/support/service/internet/guide/modem/bl1500hm/firmware/