Lucene search

VulDBCVE-2024-7468

HistoryAug 05, 2024 - 3:16 a.m.

CVE-2024-7468

2024-08-0503:16:08

CWE-78

VulDB

web.nvd.nist.gov

raisecom msg

version 3.90

remote access

os command injection

web interface

security vulnerability

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS4

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/SC:N/VI:L/SI:N/VA:L/SA:N

AI Score

6.9

Confidence

High

EPSS

0.017

Percentile

87.9%

JSON

A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. It has been classified as critical. This affects the function sslvpn_config_mod of the file /vpn/list_service_manage.php of the component Web Interface. The manipulation of the argument template/stylenum leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273561 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Affected configurations

Nvd

Vulners

Vulnrichment

Node

raisecommsg2300_firmwareMatch3.90

AND

raisecommsg2300Match-

Node

raisecommsg2100e_firmwareMatch3.90

AND

raisecommsg2100eMatch-

Node

raisecommsg2200_firmwareMatch3.90

AND

raisecommsg2200Match-

Node

raisecommsg1200_firmwareMatch3.90

AND

raisecommsg1200Match-

VendorProductVersionCPE
raisecommsg2300_firmware3.90cpe:2.3:o:raisecom:msg2300_firmware:3.90:*:*:*:*:*:*:*
raisecommsg2300-cpe:2.3:h:raisecom:msg2300:-:*:*:*:*:*:*:*
raisecommsg2100e_firmware3.90cpe:2.3:o:raisecom:msg2100e_firmware:3.90:*:*:*:*:*:*:*
raisecommsg2100e-cpe:2.3:h:raisecom:msg2100e:-:*:*:*:*:*:*:*
raisecommsg2200_firmware3.90cpe:2.3:o:raisecom:msg2200_firmware:3.90:*:*:*:*:*:*:*
raisecommsg2200-cpe:2.3:h:raisecom:msg2200:-:*:*:*:*:*:*:*
raisecommsg1200_firmware3.90cpe:2.3:o:raisecom:msg1200_firmware:3.90:*:*:*:*:*:*:*
raisecommsg1200-cpe:2.3:h:raisecom:msg1200:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
raisecom	msg2300_firmware	3.90	cpe:2.3:o:raisecom:msg2300_firmware:3.90:::::::*
raisecom	msg2300	-	cpe:2.3:h:raisecom:msg2300:-:::::::*
raisecom	msg2100e_firmware	3.90	cpe:2.3:o:raisecom:msg2100e_firmware:3.90:::::::*
raisecom	msg2100e	-	cpe:2.3:h:raisecom:msg2100e:-:::::::*
raisecom	msg2200_firmware	3.90	cpe:2.3:o:raisecom:msg2200_firmware:3.90:::::::*
raisecom	msg2200	-	cpe:2.3:h:raisecom:msg2200:-:::::::*
raisecom	msg1200_firmware	3.90	cpe:2.3:o:raisecom:msg1200_firmware:3.90:::::::*
raisecom	msg1200	-	cpe:2.3:h:raisecom:msg1200:-:::::::*

CNA Affected

[
  {
    "vendor": "Raisecom",
    "product": "MSG1200",
    "versions": [
      {
        "version": "3.90",
        "status": "affected"
      }
    ],
    "modules": [
      "Web Interface"
    ]
  },
  {
    "vendor": "Raisecom",
    "product": "MSG2100E",
    "versions": [
      {
        "version": "3.90",
        "status": "affected"
      }
    ],
    "modules": [
      "Web Interface"
    ]
  },
  {
    "vendor": "Raisecom",
    "product": "MSG2200",
    "versions": [
      {
        "version": "3.90",
        "status": "affected"
      }
    ],
    "modules": [
      "Web Interface"
    ]
  },
  {
    "vendor": "Raisecom",
    "product": "MSG2300",
    "versions": [
      {
        "version": "3.90",
        "status": "affected"
      }
    ],
    "modules": [
      "Web Interface"
    ]
  }
]

References

github.com/h0e4a0r1t/h0e4a0r1t.github.io/blob/master/2024/sQrromK7x42JbLgY/Command%20Injection%20Vulnerability%20in%20RAISECOM%20Gateway%20Devices-list_service_manage.php.pdf

vuldb.com/?ctiid.273561

vuldb.com/?id.273561

vuldb.com/?submit.385348

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS4

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/SC:N/VI:L/SI:N/VA:L/SA:N

AI Score

6.9

Confidence

High

EPSS

0.017

Percentile

87.9%

JSON

Related for CVE-2024-7468