Lucene search
+L

50 matches found

CVE
CVE
added 2022/09/08 7:10 a.m.66 views

CVE-2022-38094

CVE-2022-38094 is an OS command injection vulnerability in the Telnet function of CentreCOM AR260S V2 firmware prior to Ver. 3.3.7. The issue allows a remote authenticated attacker to execute arbitrary OS commands. Red Hat, NVD, JVN, and other connected records corroborate the condition and impac...

8.8CVSS9AI score0.01525EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/09/08 7:10 a.m.25 views

CVE-2022-38094

OS command injection vulnerability in the telnet function of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote authenticated attacker to execute an arbitrary OS command...

9.2AI score0.01525EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/09/08 7:10 a.m.25 views

CVE-2022-35273

OS command injection vulnerability in GUI setting page of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote authenticated attacker to execute an arbitrary OS command...

9.2AI score0.01525EPSS
Exploits0References2
CVE
CVE
added 2022/09/08 7:10 a.m.76 views

CVE-2022-35273

CVE-2022-35273 describes an OS command injection in the GUI setting page of CentreCOM AR260S V2 firmware prior to Ver.3.3.7. A remote authenticated attacker could execute arbitrary OS commands due to the vulnerable GUI handling. Affected product: CentreCOM AR260S V2; vulnerable component: GUI set...

8.8CVSS9AI score0.01525EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/09/08 7:10 a.m.63 views

CVE-2022-34869

The CVE-2022-34869 issue affects CentreCOM AR260S V2 firmware before 3.3.7. A vulnerability exists in an undocumented hidden command accessible via the telnet function, which an authenticated remote attacker can use to execute arbitrary OS commands. The vulnerability is confirmed across multiple ...

8.8CVSS8.9AI score0.00986EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/09/08 7:10 a.m.37 views

CVE-2022-34869

Undocumented hidden command that can be executed from the telnet function of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote authenticated attacker to execute an arbitrary OS command...

9.2AI score0.00986EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/09/05 12:0 a.m.11 views

The vulnerability of the telnet server’s microprogramming software for the CentreCOM AR260S V2 allows a hacker to increase their privileges.

The vulnerability of the telnet server software for CentreCOM AR260S V2 lies in the presence of undocumented commands. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...

8.1CVSS7.5AI score0.00986EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/09/05 12:0 a.m.16 views

The vulnerability of the telnet server’s microprogramming software for the CentreCOM AR260S V2 allows a hacker to gain access to user credentials.

The vulnerability of the telnet server software for CentreCOM AR260S V2 lies in the use of strictly encrypted login credentials. Exploiting this vulnerability allows a malicious actor to gain access to these login credentials remotely...

8.1CVSS7.6AI score0.00947EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/09/05 12:0 a.m.8 views

The vulnerability of the telnet server software for CentreCOM AR260S V2 exists due to the lack of measures to neutralize special elements, allowing attackers to execute arbitrary commands.

The vulnerability of the telnet server software for CentreCOM AR260S V2 exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary shell commands on the target syste...

10CVSS7.9AI score0.01525EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/09/05 12:0 a.m.7 views

The vulnerability of the microprogrammed software of the CentreCOM AR260S V2 exists due to the lack of measures to neutralize special elements, allowing attackers to execute arbitrary commands.

The vulnerability of the microprogrammed software of the CentreCOM AR260S V2 router exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary shell commands on the...

10CVSS7.9AI score0.01525EPSS
Exploits0References4Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/08/29 8:37 a.m.3 views

Multiple vulnerabilities in CentreCOM AR260S V2

Overview CentreCOM AR260S V2 provided by Allied Telesis K.K. contains multiple vulnerabilities listed below. OS command injection vulnerability in GUI setting page CWE-78 - CVE-2022-35273 Use of hard-coded credentials for the telnet server CWE-798 - CVE-2022-38394 Undocumented hidden command that...

9.8CVSS8.1AI score0.01525EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2022/08/29 12:0 a.m.5 views

PT-2022-4625 · Centrecom · Centrecom Ar260S V2

Name of the Vulnerable Software and Affected Versions: CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 Description: The issue is related to an OS command injection vulnerability in the GUI setting page, allowing a remote authenticated attacker to execute an arbitrary OS command. This...

10CVSS8.7AI score0.01525EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2022/08/29 12:0 a.m.5 views

PT-2022-4622 · Centrecom · Centrecom Ar260S V2

Name of the Vulnerable Software and Affected Versions: CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 Description: The issue is related to an OS command injection vulnerability in the telnet function, allowing a remote authenticated attacker to execute arbitrary OS commands. This is due...

10CVSS8.8AI score0.01525EPSS
Exploits0References8
CNNVD
CNNVD
added 2022/08/29 12:0 a.m.5 views

Allied Telesis CentreCOM AR260S 操作系统命令注入漏洞

The Allied Telesis CentreCOM AR260S is a basic VPN access router from Allied Telesis Japan. A security vulnerability exists in the Allied Telesis CentreCOM AR260S V2 version, which is caused by a system command injection via telnet...

8.8CVSS7.5AI score0.01525EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/08/29 12:0 a.m.7 views

Allied Telesis CentreCOM AR260S 安全漏洞

The Allied Telesis CentreCOM AR260S is a basic VPN access router from Allied Telesis Japan. A security vulnerability exists in the Allied Telesis CentreCOM AR260S V2 firmware prior to version 3.3.7, which originates from undocumented hidden commands that can be executed by an attacker from the...

8.8CVSS6.9AI score0.00986EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/08/29 12:0 a.m.61 views

JVN#45473612: Multiple vulnerabilities in CentreCOM AR260S V2

CentreCOM AR260S V2 provided by Allied Telesis K.K. contains multiple vulnerabilities listed below. OS command injection vulnerability in GUI setting page CWE-78 - CVE-2022-35273 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H| Base Score: 8.8 CVSS v2|...

9.8CVSS9.3AI score0.01525EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2022/08/29 12:0 a.m.3 views

PT-2022-4624 · Centrecom · Centrecom Ar260S V2

Name of the Vulnerable Software and Affected Versions: CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 Description: The issue is related to the use of hard-coded credentials for the telnet server, allowing a remote unauthenticated attacker to execute an arbitrary OS command. This could...

9.8CVSS9.5AI score0.00947EPSS
Exploits0References7
CNNVD
CNNVD
added 2022/08/29 12:0 a.m.5 views

Allied Telesis CentreCOM AR260S 信任管理问题漏洞

The Allied Telesis CentreCOM AR260S is a basic VPN access router from Allied Telesis Japan. A security vulnerability exists in the Allied Telesis CentreCOM AR260S V2 version, which stems from the use of hard-coded credentials by the telnet service...

9.8CVSS6.8AI score0.00947EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/08/29 12:0 a.m.6 views

Allied Telesis CentreCOM AR260S 操作系统命令注入漏洞

The Allied Telesis CentreCOM AR260S is a basic VPN access router from Allied Telesis Japan. A security vulnerability exists in the Allied Telesis CentreCOM AR260S V2 version, which originates from an operating system command injection in the GUI settings page...

8.8CVSS7.4AI score0.01525EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/08/29 12:0 a.m.3 views

PT-2022-4623 · Centrecom · Centrecom Ar260S V2

Name of the Vulnerable Software and Affected Versions: CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 Description: The issue is related to an undocumented hidden command that can be executed from the telnet function, allowing a remote authenticated attacker to execute an arbitrary OS...

8.8CVSS8.6AI score0.00986EPSS
Exploits0References8
Rows per page
Query Builder