ID SECURITYVULNS:DOC:5668Type securityvulnsReporter SecurityvulnsModified 2004-01-23T00:00:00
Description
SQL injection в конференции ConfYmI
Название скрипта: ConfYmI
Уязвимая версия: все
Сайт производителя: www.310k.ru
Автор: Konstantin Andrunin
Дата: 22/01/2004
Уязвимость найдена в скрипте 'index.php' . Вследствии плохой проверки переменных $login ,
$password , удалённый пользователь может внедрить SQL команду и авторизироваться под любым
из зарегистрованых пользователей конференции.
Пример:
http://[target]/index.php?login=' or 'lwb'='lwb&password=' or 'lwb'='lwb
Для входа в качестве администратора конференции, для начала используем вышеуказаный URL.
Затем переходим по ссылке "пользователи", выбираем в списке "администраротор конференции".
Узнав ник администратора, вводим URL:
http://[target]/index.php?login=[nick]&password=' or 'lwb'='lwb
Устранение уязвимости:
В скрипте 'index.php' находим:
if(isset($login)&&isset($password)) {
заменяем на:
if(isset($login)&&isset($password)) {
$login = htmlspecialchars($login);
$password = htmlspecialchars($password);
--
LwB Security Team - Life without Borders
www.lwbteam.org
vlb4g _ vlbag@lwbteam.org
{"id": "SECURITYVULNS:DOC:5668", "bulletinFamily": "software", "title": "SQL injection \u0432 \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0438 ConfYmI", "description": "SQL injection \u0432 \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0438 ConfYmI\r\n\r\n\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u0441\u043a\u0440\u0438\u043f\u0442\u0430: ConfYmI \r\n\u0423\u044f\u0437\u0432\u0438\u043c\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f: \u0432\u0441\u0435\r\n\u0421\u0430\u0439\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: www.310k.ru\r\n\u0410\u0432\u0442\u043e\u0440: Konstantin Andrunin\r\n\u0414\u0430\u0442\u0430: 22/01/2004\r\n\r\n\r\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0432 \u0441\u043a\u0440\u0438\u043f\u0442\u0435 'index.php' . \u0412\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0438 \u043f\u043b\u043e\u0445\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 $login ,\r\n$password , \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043c\u043e\u0436\u0435\u0442 \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c SQL \u043a\u043e\u043c\u0430\u043d\u0434\u0443 \u0438 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043f\u043e\u0434 \u043b\u044e\u0431\u044b\u043c\r\n\u0438\u0437 \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u043e\u0432\u0430\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0438.\r\n\r\n\u041f\u0440\u0438\u043c\u0435\u0440:\r\nhttp://[target]/index.php?login=' or 'lwb'='lwb&password=' or 'lwb'='lwb \r\n\r\n\u0414\u043b\u044f \u0432\u0445\u043e\u0434\u0430 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0438, \u0434\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c \u0432\u044b\u0448\u0435\u0443\u043a\u0430\u0437\u0430\u043d\u044b\u0439 URL.\r\n\u0417\u0430\u0442\u0435\u043c \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0438\u043c \u043f\u043e \u0441\u0441\u044b\u043b\u043a\u0435 "\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438", \u0432\u044b\u0431\u0438\u0440\u0430\u0435\u043c \u0432 \u0441\u043f\u0438\u0441\u043a\u0435 "\u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0440\u043e\u0442\u043e\u0440 \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0438".\r\n\u0423\u0437\u043d\u0430\u0432 \u043d\u0438\u043a \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430, \u0432\u0432\u043e\u0434\u0438\u043c URL: \r\n\r\nhttp://[target]/index.php?login=[nick]&password=' or 'lwb'='lwb \r\n\r\n\u0423\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438: \r\n\r\n\u0412 \u0441\u043a\u0440\u0438\u043f\u0442\u0435 'index.php' \u043d\u0430\u0445\u043e\u0434\u0438\u043c:\r\nif(isset($login)&&isset($password)) { \r\n\r\n\u0437\u0430\u043c\u0435\u043d\u044f\u0435\u043c \u043d\u0430:\r\nif(isset($login)&&isset($password)) { \r\n$login = htmlspecialchars($login); \r\n$password = htmlspecialchars($password); \r\n\r\n\r\n-- \r\nLwB Security Team - Life without Borders \r\nwww.lwbteam.org\r\nvlb4g _ vlbag@lwbteam.org\r\n", "published": "2004-01-23T00:00:00", "modified": "2004-01-23T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:5668", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:09", "edition": 1, "viewCount": 19, "enchantments": {"score": {"value": 5.7, "vector": "NONE", "modified": "2018-08-31T11:10:09", "rev": 2}, "dependencies": {"references": [{"type": "nessus", "idList": ["REDHAT-RHSA-2020-0731.NASL", "CISCO-SA-20140605-OPENSSL-IOSXR.NASL", "NVIDIA_WIN_2019_02.NASL", "DEBIAN_DLA-832.NASL"]}, {"type": "cve", "idList": ["CVE-2016-5668", "CVE-2014-2595", "CVE-2018-5668", "CVE-2015-9286", "CVE-2008-7273", "CVE-2019-5668", "CVE-2017-5668", "CVE-2008-7272"]}, {"type": "lenovo", "idList": ["LENOVO:PS500235-NOSID"]}, {"type": "msupdate", "idList": ["MS:01B22BD0-0DDF-4CD7-BBF3-5669E8C42DFF"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310890832"]}, {"type": "wpvulndb", "idList": ["WPVDB-ID:9011"]}, {"type": "openbugbounty", "idList": ["OBB:410567"]}, {"type": "debian", "idList": ["DEBIAN:DLA-832-1:93FA0"]}, {"type": "cert", "idList": ["VU:974424"]}, {"type": "ciscothreats", "idList": ["CISCO-THREAT-43441"]}], "modified": "2018-08-31T11:10:09", "rev": 2}, "vulnersScore": 5.7}, "affectedSoftware": []}
{"rst": [{"lastseen": "2021-01-14T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **stretchedpussy[.]com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-01-14T03:00:00.\n IOC tags: **generic**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:B1922D14-5668-3A94-96DC-F7CBE20D1861", "href": "", "published": "2021-01-15T00:00:00", "title": "RST Threat feed. IOC: stretchedpussy.com", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-14T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **121[.]40.104.18** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **10**.\n First seen: 2020-12-19T03:00:00, Last seen: 2021-01-14T03:00:00.\n IOC tags: **malware**.\nASN 37963: (First IP 121.40.0.0, Last IP 121.42.17.255).\nASN Name \"CNNICALIBABACNNETAP\" and Organisation \"Hangzhou Alibaba Advertising CoLtd\".\nASN hosts 2679963 domains.\nGEO IP information: City \"\", Country \"China\".\nIOC could be a **False Positive** (Cloud provider IP).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-19T00:00:00", "id": "RST:B0CEBD7D-5668-3186-B5D2-E2E5FB533022", "href": "", "published": "2021-01-15T00:00:00", "title": "RST Threat feed. IOC: 121.40.104.18", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-14T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **97[.]122.183.131** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **47**.\n First seen: 2021-01-13T03:00:00, Last seen: 2021-01-14T03:00:00.\n IOC tags: **shellprobe**.\nASN 209: (First IP 97.121.0.0, Last IP 97.127.191.255).\nASN Name \"CENTURYLINKUSLEGACYQWEST\" and Organisation \"Qwest Communications Company LLC\".\nASN hosts 73950 domains.\nGEO IP information: City \"Denver\", Country \"United States\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-01-13T00:00:00", "id": "RST:AD0930D3-5668-3D24-8E09-A3CD6234818B", "href": "", "published": "2021-01-15T00:00:00", "title": "RST Threat feed. IOC: 97.122.183.131", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-14T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **108[.]51.85.97** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **22**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-01-14T03:00:00.\n IOC tags: **generic**.\nASN 701: (First IP 108.48.0.0, Last IP 108.55.127.255).\nASN Name \"UUNET\" and Organisation \"MCI Communications Services Inc dba Verizon Business\".\nASN hosts 194496 domains.\nGEO IP information: City \"Washington\", Country \"United States\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:B8C3A435-5668-3B07-90B0-2B011713F90B", "href": "", "published": "2021-01-15T00:00:00", "title": "RST Threat feed. IOC: 108.51.85.97", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-14T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **kshavedrop[.]bid** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2019-12-15T03:00:00, Last seen: 2021-01-14T03:00:00.\n IOC tags: **spam**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2019-12-15T00:00:00", "id": "RST:C7F3DB4E-5668-384E-9B5A-E8DA5BCACB5A", "href": "", "published": "2021-01-15T00:00:00", "title": "RST Threat feed. IOC: kshavedrop.bid", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-14T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **216[.]160.85.14** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **43**.\n First seen: 2021-01-08T03:00:00, Last seen: 2021-01-14T03:00:00.\n IOC tags: **shellprobe**.\nASN 209: (First IP 216.160.46.0, Last IP 216.160.90.255).\nASN Name \"CENTURYLINKUSLEGACYQWEST\" and Organisation \"Qwest Communications Company LLC\".\nASN hosts 73950 domains.\nGEO IP information: City \"Poulsbo\", Country \"United States\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-01-08T00:00:00", "id": "RST:11917661-5668-3AD4-BD21-77B91EAB9EE6", "href": "", "published": "2021-01-15T00:00:00", "title": "RST Threat feed. IOC: 216.160.85.14", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-14T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **brss[.]org** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-01-14T03:00:00.\n IOC tags: **generic**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:FC93AAB4-5668-3A38-A8B7-A1F7F54F353A", "href": "", "published": "2021-01-15T00:00:00", "title": "RST Threat feed. IOC: brss.org", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-14T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **giebis[.]site** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-01-14T03:00:00.\n IOC tags: **generic**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:1E5C81CA-5668-3706-A0A0-A75A955FEA9B", "href": "", "published": "2021-01-15T00:00:00", "title": "RST Threat feed. IOC: giebis.site", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-14T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **it-paypal[.]com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-01-14T03:00:00.\n IOC tags: **generic**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:BB4650BB-5668-32A8-8202-E98B8A655100", "href": "", "published": "2021-01-15T00:00:00", "title": "RST Threat feed. IOC: it-paypal.com", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-13T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **upgrade4life[.]videoappsetupgrading.win** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-01-13T03:00:00.\n IOC tags: **generic**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:A886BEFF-5668-3C8E-B6AE-40D989CDA39A", "href": "", "published": "2021-01-14T00:00:00", "title": "RST Threat feed. IOC: upgrade4life.videoappsetupgrading.win", "type": "rst", "cvss": {}}], "cve": [{"lastseen": "2020-12-09T22:03:16", "description": "Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU firmware version '19' and earlier, R04/08/16/32/120 (EN) CPU firmware version '51' and earlier, R08/16/32/120SFCPU firmware version '22' and earlier, R08/16/32/120PCPU all versions, R08/16/32/120PSFCPU all versions, RJ71EN71 firmware version '47' and earlier, RJ71GF11-T2 firmware version '47' and earlier, RJ72GF15-T2 firmware version '07' and earlier, RJ71GP21-SX firmware version '47' and earlier, RJ71GP21S-SX firmware version '47' and earlier, RJ71C24 (-R2/R4) all versions, and RJ71GN11-T2 all versions) allows a remote unauthenticated attacker to cause an error in a CPU unit and cause a denial-of-service (DoS) condition in execution of the program and its communication, or to cause a denial-of-service (DoS) condition in communication via the module by a specially crafted SLMP packet", "edition": 4, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-11-20T04:15:00", "title": "CVE-2020-5668", "type": "cve", "cwe": ["CWE-400"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-5668"], "modified": "2020-12-08T17:26:00", "cpe": ["cpe:/o:mitsubishielectric:r120pcpu_firmware:*", "cpe:/o:mitsubishielectric:r16cpu_firmware:51", "cpe:/o:mitsubishielectric:r00cpu_firmware:19", "cpe:/o:mitsubishielectric:rj71gp21-sx_firmware:47", "cpe:/o:mitsubishielectric:r120sfcpu_firmware:22", "cpe:/o:mitsubishielectric:rj71gf11-t2_firmware:47", "cpe:/o:mitsubishielectric:rj71c24-r2_firmware:*", "cpe:/o:mitsubishielectric:r32sfcpu_firmware:22", "cpe:/o:mitsubishielectric:r01cpu_firmware:19", "cpe:/o:mitsubishielectric:r04cpu_firmware:51", "cpe:/o:mitsubishielectric:r32psfcpu_firmware:*", "cpe:/o:mitsubishielectric:r120psfcpu_firmware:*", "cpe:/o:mitsubishielectric:r08psfcpu_firmware:*", "cpe:/o:mitsubishielectric:r08pcpu_firmware:*", "cpe:/o:mitsubishielectric:r08cpu_firmware:51", "cpe:/o:mitsubishielectric:rj71en71_firmware:47", "cpe:/o:mitsubishielectric:r08sfcpu_firmware:22", "cpe:/o:mitsubishielectric:rj71c24-r4_firmware:*", "cpe:/o:mitsubishielectric:r02cpu_firmware:19", "cpe:/o:mitsubishielectric:r32cpu_firmware:51", "cpe:/o:mitsubishielectric:rj71gp21s-sx_firmware:47", "cpe:/o:mitsubishielectric:rj71gn11-t2_firmware:*", "cpe:/o:mitsubishielectric:r16pcpu_firmware:*", "cpe:/o:mitsubishielectric:r16sfcpu_firmware:22", "cpe:/o:mitsubishielectric:r16psfcpu_firmware:*", "cpe:/o:mitsubishielectric:rj72gf15-t2_firmware:07", "cpe:/o:mitsubishielectric:r120cpu_firmware:51", "cpe:/o:mitsubishielectric:r32pcpu_firmware:*"], "id": "CVE-2020-5668", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-5668", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:mitsubishielectric:r04cpu_firmware:51:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:r08cpu_firmware:51:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:r16cpu_firmware:51:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:r32psfcpu_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:r120psfcpu_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:rj71gp21-sx_firmware:47:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:r16pcpu_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:r02cpu_firmware:19:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:rj71gn11-t2_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:r08psfcpu_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:r120sfcpu_firmware:22:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:r32pcpu_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:rj72gf15-t2_firmware:07:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:r120pcpu_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:r32sfcpu_firmware:22:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:r01cpu_firmware:19:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:r00cpu_firmware:19:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:r32cpu_firmware:51:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:r120cpu_firmware:51:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:rj71gp21s-sx_firmware:47:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:r08pcpu_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:rj71c24-r2_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:rj71c24-r4_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:r16psfcpu_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:rj71en71_firmware:47:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:r16sfcpu_firmware:22:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:rj71gf11-t2_firmware:47:*:*:*:*:*:*:*", "cpe:2.3:o:mitsubishielectric:r08sfcpu_firmware:22:*:*:*:*:*:*:*"]}]}
