50 matches found
CVE-2022-38094
CVE-2022-38094 is an OS command injection vulnerability in the Telnet function of CentreCOM AR260S V2 firmware prior to Ver. 3.3.7. The issue allows a remote authenticated attacker to execute arbitrary OS commands. Red Hat, NVD, JVN, and other connected records corroborate the condition and impac...
CVE-2022-38094
OS command injection vulnerability in the telnet function of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote authenticated attacker to execute an arbitrary OS command...
CVE-2022-35273
OS command injection vulnerability in GUI setting page of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote authenticated attacker to execute an arbitrary OS command...
CVE-2022-35273
CVE-2022-35273 describes an OS command injection in the GUI setting page of CentreCOM AR260S V2 firmware prior to Ver.3.3.7. A remote authenticated attacker could execute arbitrary OS commands due to the vulnerable GUI handling. Affected product: CentreCOM AR260S V2; vulnerable component: GUI set...
CVE-2022-34869
The CVE-2022-34869 issue affects CentreCOM AR260S V2 firmware before 3.3.7. A vulnerability exists in an undocumented hidden command accessible via the telnet function, which an authenticated remote attacker can use to execute arbitrary OS commands. The vulnerability is confirmed across multiple ...
CVE-2022-34869
Undocumented hidden command that can be executed from the telnet function of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote authenticated attacker to execute an arbitrary OS command...
The vulnerability of the telnet server’s microprogramming software for the CentreCOM AR260S V2 allows a hacker to increase their privileges.
The vulnerability of the telnet server software for CentreCOM AR260S V2 lies in the presence of undocumented commands. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...
The vulnerability of the telnet server’s microprogramming software for the CentreCOM AR260S V2 allows a hacker to gain access to user credentials.
The vulnerability of the telnet server software for CentreCOM AR260S V2 lies in the use of strictly encrypted login credentials. Exploiting this vulnerability allows a malicious actor to gain access to these login credentials remotely...
The vulnerability of the telnet server software for CentreCOM AR260S V2 exists due to the lack of measures to neutralize special elements, allowing attackers to execute arbitrary commands.
The vulnerability of the telnet server software for CentreCOM AR260S V2 exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary shell commands on the target syste...
The vulnerability of the microprogrammed software of the CentreCOM AR260S V2 exists due to the lack of measures to neutralize special elements, allowing attackers to execute arbitrary commands.
The vulnerability of the microprogrammed software of the CentreCOM AR260S V2 router exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary shell commands on the...
Multiple vulnerabilities in CentreCOM AR260S V2
Overview CentreCOM AR260S V2 provided by Allied Telesis K.K. contains multiple vulnerabilities listed below. OS command injection vulnerability in GUI setting page CWE-78 - CVE-2022-35273 Use of hard-coded credentials for the telnet server CWE-798 - CVE-2022-38394 Undocumented hidden command that...
PT-2022-4625 · Centrecom · Centrecom Ar260S V2
Name of the Vulnerable Software and Affected Versions: CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 Description: The issue is related to an OS command injection vulnerability in the GUI setting page, allowing a remote authenticated attacker to execute an arbitrary OS command. This...
PT-2022-4622 · Centrecom · Centrecom Ar260S V2
Name of the Vulnerable Software and Affected Versions: CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 Description: The issue is related to an OS command injection vulnerability in the telnet function, allowing a remote authenticated attacker to execute arbitrary OS commands. This is due...
Allied Telesis CentreCOM AR260S 操作系统命令注入漏洞
The Allied Telesis CentreCOM AR260S is a basic VPN access router from Allied Telesis Japan. A security vulnerability exists in the Allied Telesis CentreCOM AR260S V2 version, which is caused by a system command injection via telnet...
Allied Telesis CentreCOM AR260S 安全漏洞
The Allied Telesis CentreCOM AR260S is a basic VPN access router from Allied Telesis Japan. A security vulnerability exists in the Allied Telesis CentreCOM AR260S V2 firmware prior to version 3.3.7, which originates from undocumented hidden commands that can be executed by an attacker from the...
JVN#45473612: Multiple vulnerabilities in CentreCOM AR260S V2
CentreCOM AR260S V2 provided by Allied Telesis K.K. contains multiple vulnerabilities listed below. OS command injection vulnerability in GUI setting page CWE-78 - CVE-2022-35273 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H| Base Score: 8.8 CVSS v2|...
PT-2022-4624 · Centrecom · Centrecom Ar260S V2
Name of the Vulnerable Software and Affected Versions: CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 Description: The issue is related to the use of hard-coded credentials for the telnet server, allowing a remote unauthenticated attacker to execute an arbitrary OS command. This could...
Allied Telesis CentreCOM AR260S 信任管理问题漏洞
The Allied Telesis CentreCOM AR260S is a basic VPN access router from Allied Telesis Japan. A security vulnerability exists in the Allied Telesis CentreCOM AR260S V2 version, which stems from the use of hard-coded credentials by the telnet service...
Allied Telesis CentreCOM AR260S 操作系统命令注入漏洞
The Allied Telesis CentreCOM AR260S is a basic VPN access router from Allied Telesis Japan. A security vulnerability exists in the Allied Telesis CentreCOM AR260S V2 version, which originates from an operating system command injection in the GUI settings page...
PT-2022-4623 · Centrecom · Centrecom Ar260S V2
Name of the Vulnerable Software and Affected Versions: CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 Description: The issue is related to an undocumented hidden command that can be executed from the telnet function, allowing a remote authenticated attacker to execute an arbitrary OS...