CVE-2024-7578

🗓️ 07 Aug 2024 13:00:07Reported by VulDBType

cve🔗 web.nvd.nist.gov👁 31 Views🌐 WEB

Vulnerability in Alien Technology ALR-F800 up to 19.10.24.0

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2024-7578	7 Aug 202416:07	–	circl
CNNVD	Alien ALR-F800 授权问题漏洞	7 Aug 202400:00	–	cnnvd
Cvelist	CVE-2024-7578 Alien Technology ALR-F800 cmd.php improper authorization	7 Aug 202413:00	–	cvelist
EUVD	EUVD-2024-48475	3 Oct 202520:07	–	euvd
NVD	CVE-2024-7578	7 Aug 202413:16	–	nvd
OSV	CVE-2024-7578	7 Aug 202413:16	–	osv
RedhatCVE	CVE-2024-7578	5 Feb 202511:57	–	redhatcve
Vulnrichment	CVE-2024-7578 Alien Technology ALR-F800 cmd.php improper authorization	7 Aug 202413:00	–	vulnrichment

NVD

Vulners

Vulnrichment

Node

alientechnology alr-f800_firmwareRange≤19.10.24

AND

alientechnology alr-f800Match-

[
  {
    "vendor": "Alien Technology",
    "product": "ALR-F800",
    "versions": [
      {
        "version": "19.10.0",
        "status": "affected"
      },
      {
        "version": "19.10.1",
        "status": "affected"
      },
      {
        "version": "19.10.2",
        "status": "affected"
      },
      {
        "version": "19.10.3",
        "status": "affected"
      },
      {
        "version": "19.10.4",
        "status": "affected"
      },
      {
        "version": "19.10.5",
        "status": "affected"
      },
      {
        "version": "19.10.6",
        "status": "affected"
      },
      {
        "version": "19.10.7",
        "status": "affected"
      },
      {
        "version": "19.10.8",
        "status": "affected"
      },
      {
        "version": "19.10.9",
        "status": "affected"
      },
      {
        "version": "19.10.10",
        "status": "affected"
      },
      {
        "version": "19.10.11",
        "status": "affected"
      },
      {
        "version": "19.10.12",
        "status": "affected"
      },
      {
        "version": "19.10.13",
        "status": "affected"
      },
      {
        "version": "19.10.14",
        "status": "affected"
      },
      {
        "version": "19.10.15",
        "status": "affected"
      },
      {
        "version": "19.10.16",
        "status": "affected"
      },
      {
        "version": "19.10.17",
        "status": "affected"
      },
      {
        "version": "19.10.18",
        "status": "affected"
      },
      {
        "version": "19.10.19",
        "status": "affected"
      },
      {
        "version": "19.10.20",
        "status": "affected"
      },
      {
        "version": "19.10.21",
        "status": "affected"
      },
      {
        "version": "19.10.22",
        "status": "affected"
      },
      {
        "version": "19.10.23",
        "status": "affected"
      },
      {
        "version": "19.10.24",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/Push3AX/vul/blob/main/Alien%20Technology%20/ALR-F800.md
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/

Parameter	Position	Path	Description	CWE
cmd	request body	/cmd.php	Remote manipulation of the cmd argument leads to improper authorization on the cmd.php endpoint.	CWE-285

28 Aug 2024 18:27Current

7.3High risk

Vulners AI Score7.3

CVSS 3.17.3 - 9.8

CVSS 46.9

CVSS 27.5

CVSS 37.3

EPSS0.00256

SSVC

CWE-285