Lucene search
K

21 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:35 a.m.9 views

CVE-2020-17406

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the ping parameter provided to tools.sh. The issu...

9CVSS7.2AI score0.05121EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/08 9:6 p.m.19 views

CVE-2025-35010 Microhard Bullet-LTE and IPn4Gii AT+MNPINGTM Argument Injection

Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MNPINGTM command that can lead to privilege escalation. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command...

7.1CVSS0.01031EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/06/08 9:6 p.m.11 views

CVE-2025-35009 Microhard Bullet-LTE and IPn4Gii AT+MNNETSP Argument Injection

Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MNNETSP command that can lead to privilege escalation. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command...

7.1CVSS0.01031EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/06/08 9:6 p.m.7 views

CVE-2025-35009 Microhard Bullet-LTE and IPn4Gii AT+MNNETSP Argument Injection

Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MNNETSP command that can lead to privilege escalation. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command...

7.1CVSS7.8AI score0.01031EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/06/08 9:5 p.m.3 views

CVE-2025-35008 Microhard Bullet-LTE and IPn4Gii AT+MMNAME Argument Injection

Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MMNAME command that can lead to privilege escalation. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argume...

7.1CVSS7.8AI score0.01031EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/06/08 9:5 p.m.5 views

CVE-2025-35007 Microhard Bullet-LTE and IPn4Gii AT+MFRULE Argument Injection

Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MFRULE command that can lead to privilege escalation. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argume...

7.1CVSS7.8AI score0.01012EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/06/08 9:5 p.m.3 views

CVE-2025-35005 Microhard Bullet-LTE and IPn4Gii AT+MFMAC Argument Injection

Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MFMAC command that can lead to privilege escalation. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argumen...

7.1CVSS7.8AI score0.01031EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/06/08 9:5 p.m.11 views

CVE-2025-35005 Microhard Bullet-LTE and IPn4Gii AT+MFMAC Argument Injection

Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MFMAC command that can lead to privilege escalation. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argumen...

7.1CVSS0.01031EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/06/08 9:5 p.m.13 views

CVE-2025-35004 Microhard Bullet-LTE and IPn4Gii AT+MFIP Argument Injection

Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MFIP command that can lead to privilege escalation. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument...

7.1CVSS0.01012EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/03/24 12:0 a.m.7 views

Microhard (CVE-2020-17407)

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of authentication headers. The issue results fro...

10CVSS7.8AI score0.06533EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/24 12:0 a.m.8 views

Microhard Bullet-LTE Improper Neutralization of Special Elements used in an OS Command (CVE-2020-17406)

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the ping parameter provided to tools.sh. The issu...

9CVSS8.4AI score0.05121EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/05 1:31 p.m.11 views

CVE-2020-17407

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of authentication headers. The issue results fro...

10CVSS7.5AI score0.06533EPSS
Exploits0
OSV
OSV
added 2020/10/13 5:15 p.m.5 views

CVE-2020-17406

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the ping parameter provided to tools.sh. The issu...

8.8CVSS7.6AI score0.05121EPSS
Exploits0References1
NVD
NVD
added 2020/10/13 5:15 p.m.11 views

CVE-2020-17407

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of authentication headers. The issue results fro...

10CVSS0.06533EPSS
Exploits0References1
OSV
OSV
added 2020/10/13 5:15 p.m.3 views

CVE-2020-17407

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of authentication headers. The issue results fro...

9.8CVSS7.7AI score0.06533EPSS
Exploits0References1
Prion
Prion
added 2020/10/13 5:15 p.m.12 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the ping parameter provided to tools.sh. The issu...

9CVSS8.9AI score0.05121EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/10/13 5:10 p.m.18 views

CVE-2020-17407

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of authentication headers. The issue results fro...

9.8CVSS9.8AI score0.06533EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/10/13 5:10 p.m.16 views

CVE-2020-17406

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the ping parameter provided to tools.sh. The issu...

8.8CVSS8.8AI score0.05121EPSS
Exploits0References1
CVE
CVE
added 2020/10/13 5:10 p.m.43 views

CVE-2020-17407

Affected product: Microhard Bullet-LTE (firmware prior to v1.2.0-r1112). Vulnerability summary: A stack-based buffer overflow in the handling of the Basic/authentication headers allows remote attackers to execute arbitrary code with root privileges. The flaw arises from insufficient validation of...

10CVSS9.8AI score0.06533EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/10/13 5:10 p.m.48 views

CVE-2020-17406

CVE-2020-17406 affects Microhard Bullet-LTE prior to v1.2.0-r1112. The issue is in the handling of the ping parameter in tools.sh, stemming from improper validation of a user-supplied string before it is used in a system call. This allows an attacker with authentication to execute arbitrary code ...

9CVSS8.9AI score0.05121EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder