Lucene search
K

8 matches found

Nuclei
Nuclei
added 6 hours ago39 views

Cassia Gateway Firmware - Remote Code Execution

In Cassia Gateway firmware XC10002.1.1.2303082218 and XC20002.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. This leads to injecting Bash code and executing it with root privileges on device startup. id: CVE-2023-31446 info: name: Cassia Gateway Firmware - Remote Code...

9.8CVSS7.2AI score0.61081EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/01/09 12:33 p.m.7 views

CVE-2023-31446

In Cassia Gateway firmware XC10002.1.1.2303082218 and XC20002.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. This leads to injecting Bash code and executing it with root privileges on device startup...

9.8CVSS7.2AI score0.61081EPSS
Exploits1References1
OSV
OSV
added 2024/01/10 3:15 a.m.4 views

CVE-2023-31446

In Cassia Gateway firmware XC10002.1.1.2303082218 and XC20002.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. This leads to injecting Bash code and executing it with root privileges on device startup...

9.8CVSS5.8AI score0.61081EPSS
Exploits1References3
NVD
NVD
added 2024/01/10 3:15 a.m.14 views

CVE-2023-31446

In Cassia Gateway firmware XC10002.1.1.2303082218 and XC20002.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. This leads to injecting Bash code and executing it with root privileges on device startup...

9.8CVSS9.6AI score0.61081EPSS
Exploits1References3
Prion
Prion
added 2024/01/10 3:15 a.m.17 views

Code injection

In Cassia Gateway firmware XC10002.1.1.2303082218 and XC20002.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. This leads to injecting Bash code and executing it with root privileges on device startup...

7.5CVSS7.4AI score0.61081EPSS
Exploits1References3Affected Software2
Vulnrichment
Vulnrichment
added 2024/01/10 12:0 a.m.4 views

CVE-2023-31446

In Cassia Gateway firmware XC10002.1.1.2303082218 and XC20002.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. This leads to injecting Bash code and executing it with root privileges on device startup...

9.7AI score0.61081EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/01/10 12:0 a.m.7 views

Cassia Networks Gateway Security Vulnerability

Cassia Networks Gateway is an IoT gateway from Cassia Networks. A security vulnerability exists in Cassia Networks Gateway versions XC10002.1.1.2303082218, XC20002.1.1.2303090947, which stems from an uncleared queueUrl parameter in /bypass/config...

9.8CVSS6.9AI score0.61081EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/01/06 12:0 a.m.5 views

PT-2024-1049 · Cassia · Cassia Gateway Firmware Xc2000 +1

Name of the Vulnerable Software and Affected Versions: Cassia Gateway firmware XC1000 2.1.1.2303082218 Cassia Gateway firmware XC2000 2.1.1.2303090947 Description: The issue is related to the queueUrl parameter in the "/bypass/config" API endpoint, which is not properly sanitized. This allows for...

9.8CVSS9.3AI score0.61081EPSS
Exploits1References14
Rows per page
Query Builder