Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:29 a.m.8 views

CVE-2024-12985

A vulnerability classified as critical was found in Overtek OT-E801G OTE801G65.1.1.0. This vulnerability affects unknown code of the file /diagping.cmd?action=test=ppp0.1=8.8.8.8%26%26cat%20/etc/passwd=4=test. The manipulation leads to os command injection. The attack can be initiated remotely. T...

6.5CVSS7.5AI score0.01795EPSS
Exploits0References1
NVD
NVD
added 2024/12/27 3:15 p.m.17 views

CVE-2024-12985

A vulnerability classified as critical was found in Overtek OT-E801G OTE801G65.1.1.0. This vulnerability affects unknown code of the file /diagping.cmd?action=test&interface=ppp0.1&ipaddr=8.8.8.8%26%26cat%20/etc/passwd&ipversion=4&sessionKey=test. The manipulation leads to os command injection. T...

6.5CVSS0.01795EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/12/27 3:0 p.m.18 views

CVE-2024-12985 Overtek OT-E801G passwd os command injection

A vulnerability classified as critical was found in Overtek OT-E801G OTE801G65.1.1.0. This vulnerability affects unknown code of the file /diagping.cmd?action=test&interface=ppp0.1&ipaddr=8.8.8.8%26%26cat%20/etc/passwd&ipversion=4&sessionKey=test. The manipulation leads to os command injection. T...

6.5CVSS0.01795EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/12/27 3:0 p.m.10 views

CVE-2024-12985 Overtek OT-E801G passwd os command injection

A vulnerability classified as critical was found in Overtek OT-E801G OTE801G65.1.1.0. This vulnerability affects unknown code of the file /diagping.cmd?action=test&interface=ppp0.1&ipaddr=8.8.8.8%26%26cat%20/etc/passwd&ipversion=4&sessionKey=test. The manipulation leads to os command injection. T...

6.5CVSS7.7AI score0.01795EPSS
Exploits0References3
CVE
CVE
added 2024/12/27 3:0 p.m.53 views

CVE-2024-12985

Overtek OT-E801G OTE801G65.1.1.0 exposes a remote OS command injection via /diag_ping.cmd when action=test and ipaddr is manipulated (e.g., 8.8.8.8%26%26cat%20/etc/passwd). Root cause is likely insufficient input validation in the endpoint handling ipaddr. Impact is OS command execution, with rem...

6.5CVSS6.9AI score0.01795EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/12/27 12:0 a.m.3 views

PT-2024-17848 · Overtek · Overtek Ot-E801G

Name of the Vulnerable Software and Affected Versions: Overtek OT-E801G version OTE801G65.1.1.0 Description: A critical issue was found in the Overtek OT-E801G, affecting the file /diag ping.cmd. This issue leads to os command injection when the action parameter is set to test and the ipaddr...

6.5CVSS7.5AI score0.01795EPSS
Exploits0References5
Rows per page
Query Builder