Lucene search

[email protected]NVD:CVE-2024-7470

HistoryAug 05, 2024 - 4:15 a.m.

CVE-2024-7470

2024-08-0504:15:59

CWE-78

[email protected]

web.nvd.nist.gov

raisecom msg series

critical vulnerability

web interface

remote attack

os command injection

public exploit

vdb-273563

vendor non response

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.017

Percentile

87.9%

JSON

A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. It has been rated as critical. This issue affects the function sslvpn_config_mod of the file /vpn/vpn_template_style.php of the component Web Interface. The manipulation of the argument template/stylenum leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273563. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Affected configurations

Nvd

Node

raisecommsg2300_firmwareMatch3.90

AND

raisecommsg2300Match-

Node

raisecommsg2100e_firmwareMatch3.90

AND

raisecommsg2100eMatch-

Node

raisecommsg2200_firmwareMatch3.90

AND

raisecommsg2200Match-

Node

raisecommsg1200_firmwareMatch3.90

AND

raisecommsg1200Match-

VendorProductVersionCPE
raisecommsg2300_firmware3.90cpe:2.3:o:raisecom:msg2300_firmware:3.90:*:*:*:*:*:*:*
raisecommsg2300-cpe:2.3:h:raisecom:msg2300:-:*:*:*:*:*:*:*
raisecommsg2100e_firmware3.90cpe:2.3:o:raisecom:msg2100e_firmware:3.90:*:*:*:*:*:*:*
raisecommsg2100e-cpe:2.3:h:raisecom:msg2100e:-:*:*:*:*:*:*:*
raisecommsg2200_firmware3.90cpe:2.3:o:raisecom:msg2200_firmware:3.90:*:*:*:*:*:*:*
raisecommsg2200-cpe:2.3:h:raisecom:msg2200:-:*:*:*:*:*:*:*
raisecommsg1200_firmware3.90cpe:2.3:o:raisecom:msg1200_firmware:3.90:*:*:*:*:*:*:*
raisecommsg1200-cpe:2.3:h:raisecom:msg1200:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
raisecom	msg2300_firmware	3.90	cpe:2.3:o:raisecom:msg2300_firmware:3.90:::::::*
raisecom	msg2300	-	cpe:2.3:h:raisecom:msg2300:-:::::::*
raisecom	msg2100e_firmware	3.90	cpe:2.3:o:raisecom:msg2100e_firmware:3.90:::::::*
raisecom	msg2100e	-	cpe:2.3:h:raisecom:msg2100e:-:::::::*
raisecom	msg2200_firmware	3.90	cpe:2.3:o:raisecom:msg2200_firmware:3.90:::::::*
raisecom	msg2200	-	cpe:2.3:h:raisecom:msg2200:-:::::::*
raisecom	msg1200_firmware	3.90	cpe:2.3:o:raisecom:msg1200_firmware:3.90:::::::*
raisecom	msg1200	-	cpe:2.3:h:raisecom:msg1200:-:::::::*

References

github.com/h0e4a0r1t/h0e4a0r1t.github.io/blob/master/2024/sQrromK7x42JbLgY/Command%20Injection%20Vulnerability%20in%20RAISECOM%20Gateway%20Devices-vpn_template_style.php.pdf

vuldb.com/?ctiid.273563

vuldb.com/?id.273563

vuldb.com/?submit.385350

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.017

Percentile

87.9%

JSON

Related for NVD:CVE-2024-7470

cvelist1 vulnrichment1 cve1