5 matches found
Mitsubishi Electric Europe B.V. smartRTU and INEA ME-RTU Improper Neutralization of Special Elements Used in an OS Command (CVE-2019-14931)
An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. An unauthenticated remote OS Command Injection vulnerability allows an attacker to execute arbitrary commands on the RTU due to the passing of unsafe user supplied data to the RTU's...
CVE-2019-14931
creationtimestamp| type| source ---|---|--- 2020-10-15 15:07:04+00:00| seen| MISP/cbd9bbb3-3f53-4610-9d91-9191ff0a9ca8 2020-10-16 06:56:57+00:00| seen| MISP/25aef508-b116-4d75-84b2-b6ceff906e44 2024-01-29 11:06:54+00:00| seen| https://t.me/ctinow/175156...
CVE-2019-14931
CVE-2019-14931 describes an unauthenticated remote OS command injection in Mitsubishi Electric ME-RTU (firmware ≤2.02) and INEA ME-RTU (≤3.0), exploitable via unsafe data in the Mobile Connection Test host parameter (shell command separator ';'). Impact is remote command execution with high sever...
Mitsubishi Electric smartRTU / INEA ME-RTU - Unauthenticated OS Command Injection Bind Shell
!/usr/bin/python Exploit Title: Mitsubishi Electric smartRTU & INEA ME-RTU Unauthenticated OS Command Injection Date: 29 June 2019 Exploit Author: @xerubus | mogozobo.com Vendor Homepage: https://eu3a.mitsubishielectric.com/fa/en/products/cnt/plcccl/items/smartRTU/local Vendor Homepage:...
Mitsubishi Electric smartRTU INEA ME-RTU - Unauthenticated OS Command Injection Bind Shell
Mitsubishi Electric smartRTU INEA ME-RTU - Unauthenticated OS Command Injection Bind Shell !/usr/bin/python Exploit Title: Mitsubishi Electric smartRTU & INEA ME-RTU Unauthenticated OS Command Injection Date: 29 June 2019 Exploit Author: @xerubus | mogozobo.com Vendor Homepage:...