8 matches found
CVE-2024-7469
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. It has been declared as critical. This vulnerability affects the function sslvpnconfigmod of the file /vpn/listvpnwebcustom.php of the component Web Interface. The manipulation of the argument template/stylenum lea...
The vulnerability of the list_base_config.php file in the web interface of the Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 integrated software solution version 3.90 allows a hacker to execute arbitrary code.
The vulnerability of the listbaseconfig.php web interface of the Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 software is version 3.90. This vulnerability stems from the failure to eliminate special elements used in the OS command. Exploiting this vulnerability allows a remote attacker to...
CVE-2024-7470
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. It has been rated as critical. This issue affects the function sslvpnconfigmod of the file /vpn/vpntemplatestyle.php of the component Web Interface. The manipulation of the argument template/stylenum leads to os...
CVE-2024-7469
CVE-2024-7469 affects Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 (Web Interface) via sslvpn_config_mod in /vpn/list_vpn_web_custom.php. The root cause is improper handling of template/stylenum, enabling OS command injection. The issue is exploitable remotely and has public disclosure. Connected do...
CVE-2024-7467
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90 and classified as critical. Affected by this issue is the function sslvpnconfigmod of the file /vpn/listipnetwork.php of the component Web Interface. The manipulation of the argument template/stylenum leads to os...
CVE-2024-7468
The CVE-2024-7468 issue affects Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 Web Interface (sslvpn_config_mod in /vpn/list_service_manage.php). The root cause is parameter manipulation (template/stylenum) enabling OS command injection, with remote access and public exploit disclosure (VDB-273561). A...
CVE-2024-7467
The CVE-2024-7467 issue affects Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 (Web Interface) in the /vpn/list_ip_network.php endpoint. The root cause is manipulation of the template/stylenum parameter in the sslvpn_config_mod function, leading to command injection that can be exploited remotely. Pub...
CVE-2024-7120
The CVE-2024-7120 entry concerns Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 devices (Web Interface, file list_base_config.php). The root cause is improper handling of the template argument, enabling OS command injection with remote access. Impact is remote code execution and potential full control...