Lucene search
PRIOn knowledge basePRION:CVE-2024-22366HistoryJan 24, 2024 - 5:15 a.m.
Command injection
2024-01-2405:15:00
PRIOn knowledge base
www.prio-n.com
3
yamaha
wireless lan
command injection
debug
arbitrary os command
configuration alteration
vulnerability
firmware.
Active debug code exists in Yamaha wireless LAN access point devices. If a logged-in user who knows how to use the debug function accesses the device’s management page, this function can be enabled by performing specific operations. As a result, an arbitrary OS command may be executed and/or configuration settings of the device may be altered. Affected products and versions are as follows: WLX222 firmware Rev.24.00.03 and earlier, WLX413 firmware Rev.22.00.05 and earlier, WLX212 firmware Rev.21.00.12 and earlier, WLX313 firmware Rev.18.00.12 and earlier, and WLX202 firmware Rev.16.00.18 and earlier.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wlx202_firmware | lt | 16.00.19 | |
| wlx212_firmware | lt | 21.00.13 | |
| wlx222_firmware | lt | 24.00.04 | |
| wlx313_firmware | lt | 18.00.13 | |
| wlx413_firmware | lt | 22.00.06 |
Related
cvelist
cvelist
CVE-2024-22366
2024-01-24 04:35:55
nvd
nvd
CVE-2024-22366
2024-01-24 05:15:13
cve
cve
CVE-2024-22366
2024-01-24 05:15:13