CVE-2024-7580

🗓️ 07 Aug 2024 14:31:04Reported by VulDBType

cve🔗 web.nvd.nist.gov👁 35 Views🌐 WEB

Vulnerability in Alien Technology ALR-F800 19.10.24.0

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2024-7580	7 Aug 202417:48	–	circl
CNNVD	Alien ALR-F800 操作系统命令注入漏洞	7 Aug 202400:00	–	cnnvd
Cvelist	CVE-2024-7580 Alien Technology ALR-F800 system.html os command injection	7 Aug 202414:31	–	cvelist
EUVD	EUVD-2024-48477	3 Oct 202520:07	–	euvd
NVD	CVE-2024-7580	7 Aug 202415:15	–	nvd
OSV	CVE-2024-7580	7 Aug 202415:15	–	osv
RedhatCVE	CVE-2024-7580	23 May 202509:49	–	redhatcve
Vulnrichment	CVE-2024-7580 Alien Technology ALR-F800 system.html os command injection	7 Aug 202414:31	–	vulnrichment

NVD

Vulners

Vulnrichment

Node

alientechnology alr-f800_firmwareRange≤19.10.24.00

AND

alientechnology alr-f800Match-

[
  {
    "vendor": "Alien Technology",
    "product": "ALR-F800",
    "versions": [
      {
        "version": "19.10.0",
        "status": "affected"
      },
      {
        "version": "19.10.1",
        "status": "affected"
      },
      {
        "version": "19.10.2",
        "status": "affected"
      },
      {
        "version": "19.10.3",
        "status": "affected"
      },
      {
        "version": "19.10.4",
        "status": "affected"
      },
      {
        "version": "19.10.5",
        "status": "affected"
      },
      {
        "version": "19.10.6",
        "status": "affected"
      },
      {
        "version": "19.10.7",
        "status": "affected"
      },
      {
        "version": "19.10.8",
        "status": "affected"
      },
      {
        "version": "19.10.9",
        "status": "affected"
      },
      {
        "version": "19.10.10",
        "status": "affected"
      },
      {
        "version": "19.10.11",
        "status": "affected"
      },
      {
        "version": "19.10.12",
        "status": "affected"
      },
      {
        "version": "19.10.13",
        "status": "affected"
      },
      {
        "version": "19.10.14",
        "status": "affected"
      },
      {
        "version": "19.10.15",
        "status": "affected"
      },
      {
        "version": "19.10.16",
        "status": "affected"
      },
      {
        "version": "19.10.17",
        "status": "affected"
      },
      {
        "version": "19.10.18",
        "status": "affected"
      },
      {
        "version": "19.10.19",
        "status": "affected"
      },
      {
        "version": "19.10.20",
        "status": "affected"
      },
      {
        "version": "19.10.21",
        "status": "affected"
      },
      {
        "version": "19.10.22",
        "status": "affected"
      },
      {
        "version": "19.10.23",
        "status": "affected"
      },
      {
        "version": "19.10.24",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/Push3AX/vul/blob/main/Alien%20Technology%20/ALR-F800.md
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/

Parameter	Position	Path	Description	CWE
uploadedFile	request body	/admin/system.html	OS command injection via uploadedFile parameter in form/upload field leading to potential remote code execution.	CWE-78

07 Aug 2024 20:47Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.16.3 - 9.8

CVSS 45.3

CVSS 26.5

CVSS 36.3

EPSS0.04664

SSVC

CWE-78