147 matches found
PT-2024-24732
Name of the Vulnerable Software and Affected Versions ATCMD affected versions not specified Description The issue arises from a misinterpretation of a value in ATCMD by the printf function, leading to incorrect output and potential out-of-bounds memory access. Recommendations At the moment, there...
CVE-2022-26941
A format string vulnerability exists in Motorola MTM5000 series firmware AT command handler for the AT+CTGL command. An attacker-controllable string is improperly handled, allowing for a write-anything-anywhere scenario. This can be leveraged to obtain arbitrary code execution inside the tedsapp...
CVE-2022-26941
A format string vulnerability exists in Motorola MTM5000 series firmware AT command handler for the AT+CTGL command. An attacker-controllable string is improperly handled, allowing for a write-anything-anywhere scenario. This can be leveraged to obtain arbitrary code execution inside the tedsapp...
Format string
A format string vulnerability exists in Motorola MTM5000 series firmware AT command handler for the AT+CTGL command. An attacker-controllable string is improperly handled, allowing for a write-anything-anywhere scenario. This can be leveraged to obtain arbitrary code execution inside the tedsapp...
CVE-2022-26941
CVE-2022-26941 affects Motorola MTM5000 series firmware; the AT+CTGL command handler contains a format-string vulnerability where an attacker-controlled string can be misinterpreted, enabling a write-anything-anywhere condition and arbitrary code execution inside the teds_app binary that runs wit...
CVE-2022-26941 Format string vulnerability in AT+CTGL command in Motorola MTM5000
A format string vulnerability exists in Motorola MTM5000 series firmware AT command handler for the AT+CTGL command. An attacker-controllable string is improperly handled, allowing for a write-anything-anywhere scenario. This can be leveraged to obtain arbitrary code execution inside the tedsapp...
Motorola MTM5000 Formatting String Error Vulnerability
The Motorola MTM5000 is a mobile radio from Motorola, USA. A security vulnerability exists in the Motorola MTM5000 that stems from a format string vulnerability in the AT+CTGL command in the command handler, which results in a write-anywhere scenario that can be exploited to obtain arbitrary code...
CVE-2023-33378
Connected IO v2.1.0 and prior has an argument injection vulnerability in its AT command message in its communication protocol, enabling attackers to execute arbitrary OS commands on devices...
CVE-2023-33378
Connected IO v2.1.0 and prior has an argument injection vulnerability in its AT command message in its communication protocol, enabling attackers to execute arbitrary OS commands on devices...
Design/Logic Flaw
Connected IO v2.1.0 and prior has an argument injection vulnerability in its AT command message in its communication protocol, enabling attackers to execute arbitrary OS commands on devices...
CVE-2023-33378
Connected IO v2.1.0 and prior has an argument injection vulnerability in its AT command message in its communication protocol, enabling attackers to execute arbitrary OS commands on devices...
Connected IO Parameter Injection Vulnerability
Connected IO is a leading hardware, software and cloud-based IoT and machine-to-machine solution from US-based Connected IO, Inc. A security vulnerability exists in Connected IO ER2000 v2.1.0 and earlier versions, which stems from a parameter injection vulnerability in the AT command in the...
HUAWEI HarmonyOS 缓冲区错误漏洞
HUAWEI HarmonyOS is an operating system from China's Huawei HUAWEI. It provides a microkernel-based distributed operating system. A security vulnerability exists in HUAWEI HarmonyOS 2.0, which stems from an out-of-bounds read vulnerability in the USB port AT command, which could be exploited by a...
Command injection
In ims service, there is a possible AT command injection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219083; Issue ID: ALPS06219083...
CVE-2022-20054
In ims service, there is a possible AT command injection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219083; Issue ID: ALPS06219083...
CVE-2022-20054
The CVE-2022-20054 issue affects the ims service, with a missing permission check enabling a possible AT command injection that could allow local escalation of privilege without additional execution privileges or user interaction. Affected context is MediaTek-based platforms (as per multiple sour...
CVE-2022-23728
Attacker can reset the device with AT Command in the process of rebooting the device. The LG ID is LVE-SMP-210011...
CVE-2022-23728
Attacker can reset the device with AT Command in the process of rebooting the device. The LG ID is LVE-SMP-210011...
Command injection
Attacker can reset the device with AT Command in the process of rebooting the device. The LG ID is LVE-SMP-210011...
CVE-2022-23728
Attacker can reset the device with AT Command in the process of rebooting the device. The LG ID is LVE-SMP-210011...