Lucene search

PRIOn knowledge basePRION:CVE-2022-40266

HistoryNov 24, 2022 - 9:15 a.m.

Input validation

2022-11-2409:15:00

PRIOn knowledge base

www.prio-n.com

input validation

mitsubishi electric

ftp server

denial of service

6.1 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.0%

JSON

Improper Input Validation vulnerability in Mitsubishi Electric GOT2000 Series GT27 model FTP server versions 01.39.000 and prior, Mitsubishi Electric GOT2000 Series GT25 model FTP server versions 01.39.000 and prior and Mitsubishi Electric GOT2000 Series GT23 model FTP server versions 01.39.000 and prior allows a remote authenticated attacker to cause a Denial of Service condition by sending specially crafted command.

CPENameOperatorVersion
got2000_gt23_firmwarele01.39.000
got2000_gt25_firmwarele01.39.000
got2000_gt27_firmwarele01.39.000

Name	Operator	Version
got2000_gt23_firmware	le	01.39.000
got2000_gt25_firmware	le	01.39.000
got2000_gt27_firmware	le	01.39.000

References

jvn.jp/vu/JVNVU95633416

www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-016_en.pdf