CRITICAL🇵🇱 Wersja polska

CVE-2024-23628

CVSS 9.0v3.1pub. 2024-01-26upd. 2024-11-21

A command injection vulnerability exists in the 'SaveStaticRouteIPv6Params' parameter of the Motorola MR2600. A remote attacker can exploit this vulnerability to achieve command execution. Authentication is required, however can be bypassed.

CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  • Motorola Mr2600

    HW
    Motorola
    wszystkie wersje
  • Motorola Mr2600 Firmware

    OS
    Motorola
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-23626CRITICAL9.0PL ✓ten sam produkt

Command injection w parametrze SaveSysLogParams routera Motorola MR2600

CVE-2024-23627CRITICAL9.0PL ✓ten sam produkt

Command injection w parametrze SaveStaticRouteIPv4Params routera Motorola MR2600

CVE-2024-23629CRITICAL9.6PL ✓ten sam produkt

Authentication bypass w routerze Motorola MR2600 — dostęp do chronionych zasobów

CVE-2024-23630CRITICAL9.0PL ✓ten sam produkt

Motorola MR2600 – dowolny upload firmware umożliwiający RCE

CVE-2022-34885HIGH7.2ten sam produkt

An improper input sanitization vulnerability in the Motorola MR2600 router could allow a local user with eleva...