3777 matches found
PT-2023-19823 · Unknown · Data Modem
Name of the Vulnerable Software and Affected Versions: data Modem affected versions not specified Description: The issue is related to Information Disclosure in the data Modem while parsing an FMTP line in an SDP message. Recommendations: At the moment, there is no information about a newer versi...
PT-2023-18477 · Unknown · Data Modem
Name of the Vulnerable Software and Affected Versions: Data Modem affected versions not specified Description: The issue is related to memory corruption in the Data Modem when making a MO call or MT VOLTE call. Recommendations: At the moment, there is no information about a newer version that...
PT-2023-19822 · Unknown · Data Modem
Name of the Vulnerable Software and Affected Versions: Data Modem affected versions not specified Description: The issue is related to Information Disclosure in the Data Modem when performing a VoLTE call with an undefined RTCP FB line value. Recommendations: At the moment, there is no informatio...
PT-2023-19821 · Modem · Modem
Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to a Transient Denial of Service DOS in the Modem while allocating DSM items. No information is provided about the estimated number of potentially affected devices...
PT-2023-5869 · Qualcomm · Qualcomm Data Modem
Name of the Vulnerable Software and Affected Versions: Qualcomm Data Modem affected versions not specified Description: The issue is related to a cryptographic problem in the Data Modem due to improper authentication during the TLS handshake. This can allow a remote attacker to gain read, modify,...
PT-2023-5876 · Qualcomm · Qualcomm
Name of the Vulnerable Software and Affected Versions: Qualcomm affected versions not specified Description: The issue is related to memory corruption in the modem while processing security-related configuration before AS Security Exchange. This corruption is due to an out-of-bounds pointer offse...
PUB-A-276971478
In several functions of Exynos modem files, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-43478
fakeupload.cgi on the Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution ...
CVE-2023-43478
fakeupload.cgi on the Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution ...
Remote code execution
fakeupload.cgi on the Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution ...
CVE-2023-43477
The pingfrom parameter of pingtracerte.cgi in the web UI of Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve command injection as root on the device...
CVE-2023-43477
The pingfrom parameter of pingtracerte.cgi in the web UI of Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve command injection as root on the device...
Command injection
The pingfrom parameter of pingtracerte.cgi in the web UI of Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve command injection as root on the device...
CVE-2023-43478
The CVE-2023-43478 entry concerns Telstra Smart Modem Gen 2 (Arcadyan LH1000) with firmware versions prior to 0.18.15r. The vulnerability stems from the fake_upload.cgi endpoint, which allows unauthenticated uploads of firmware images and configuration backups, potentially enabling an attacker to...
CVE-2023-43478 Unauthenticated configuration restore and firmware update
fakeupload.cgi on the Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution ...
CVE-2023-43478 Unauthenticated configuration restore and firmware update
fakeupload.cgi on the Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution ...
CVE-2023-43477 Post-Auth Command Injection in Telstra Smart Modem Gen 2 (Arcadyan LH1000)
The pingfrom parameter of pingtracerte.cgi in the web UI of Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve command injection as root on the device...
CVE-2023-43477
CVE-2023-43477 affects Telstra Smart Modem Gen 2 (Arcadyan LH1000). The flaw is in the web UI component ping_tracerte.cgi: the ping_from parameter is not properly sanitized before being used in a system call, enabling a authenticated user to perform a command injection as root on firmware versions
CVE-2023-43477 Post-Auth Command Injection in Telstra Smart Modem Gen 2 (Arcadyan LH1000)
The pingfrom parameter of pingtracerte.cgi in the web UI of Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve command injection as root on the device...
Telstra Smart Modem Code Issue Vulnerability
Telstra Smart Modem is a smart modem from Telstra. A security vulnerability exists in Telstra Smart Modem Gen 2 firmware prior to version 0.18.15r, which originates from a vulnerability that could allow an authenticated attacker to alter the firmware or configuration on the device and execute cod...