CVE-2024-13502 A command injection in the NTC2218, NTC2250, NTC2299 modems' web interfaces allows to exeucte arbitrary shell commands.

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Newtec/iDirect NTC2218, NTC2250, NTC2299 on Linux, PowerPC, ARM allows Local Code Inclusion.This issue affects NTC2218, NTC2250, NTC2299: from 1.0.1.1 through 2.2.6.19. The commitmulticast pa...

CVE-2024-13502 A command injection in the NTC2218, NTC2250, NTC2299 modems' web interfaces allows to exeucte arbitrary shell commands.

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Newtec/iDirect NTC2218, NTC2250, NTC2299 on Linux, PowerPC, ARM allows Local Code Inclusion.This issue affects NTC2218, NTC2250, NTC2299: from 1.0.1.1 through 2.2.6.19. The commitmulticast pa...

CVE-2024-13503

CVE-2024-13503 affects Newtec NTC2218, NTC2250 and NTC2299 on Linux (PowerPC/ARM). A stack buffer overflow in the swdownload binary is caused by an unrestricted sscanf in the parse_INFO function, reading an incoming network packet into a fixed-size buffer. This leads to arbitrary code execution w...

Newtec/iDirect NTC2218、Newtec/iDirect NTC2250和Newtec/iDirect NTC2299 操作系统命令注入漏洞

The Newtec/iDirect NTC2218 and others are a modem from Newtec/iDirect. An operating system command injection vulnerability exists in the Newtec/iDirect NTC2218, Newtec/iDirect NTC2250, and Newtec/iDirect NTC2299, which stems from an unsatisfactory neutralization of a special element that results ...

PT-2025-2193 · Newtec · Newtec Ntc2299 +2

Name of the Vulnerable Software and Affected Versions: Newtec NTC2218, NTC2250, NTC2299 versions 1.0.1.1 through 2.2.6.19 Description: A buffer overflow issue in the swdownload binary allows attackers to execute arbitrary code. The parse INFO function uses an unrestricted sscanf to read a string ...