admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2024/10xxx/CVE-2024-10193.json

132 lines
5.0 KiB
JSON
Raw Normal View History

"-Synchronized-Data."
2024-10-19 08:00:31 +00:00
{
"-Synchronized-Data."
2024-10-20 08:00:30 +00:00
"data_version": "4.0",
"-Synchronized-Data."
2024-10-19 08:00:31 +00:00
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-10193",
"-Synchronized-Data."
2024-10-20 08:00:30 +00:00
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
"-Synchronized-Data."
2024-10-19 08:00:31 +00:00
},
"description": {
"description_data": [
{
"lang": "eng",
"-Synchronized-Data."
2024-10-20 08:00:30 +00:00
"value": "A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028 and classified as critical. This issue affects the function ping_ddns of the file internet.cgi. The manipulation of the argument DDNS leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "deu",
"value": "Eine kritische Schwachstelle wurde in WAVLINK WN530H4, WN530HG4 and WN572HG3 bis 20221028 gefunden. Dies betrifft die Funktion ping_ddns der Datei internet.cgi. Mittels dem Manipulieren des Arguments DDNS mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection",
"cweId": "CWE-77"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "WAVLINK",
"product": {
"product_data": [
{
"product_name": "WN530H4",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20221028"
}
]
}
},
{
"product_name": "WN530HG4",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20221028"
}
]
}
},
{
"product_name": "WN572HG3",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20221028"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.280967",
"refsource": "MISC",
"name": "https://vuldb.com/?id.280967"
},
{
"url": "https://vuldb.com/?ctiid.280967",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.280967"
},
{
"url": "https://vuldb.com/?submit.422811",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.422811"
},
{
"url": "https://docs.google.com/document/d/13XWnFITW31u5J8HeQj8Zm-7oLt-M1DtQ/",
"refsource": "MISC",
"name": "https://docs.google.com/document/d/13XWnFITW31u5J8HeQj8Zm-7oLt-M1DtQ/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Stellar Lab (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 4.7,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 4.7,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5.8,
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P"
"-Synchronized-Data."
2024-10-19 08:00:31 +00:00
}
]
}
}
Reference in New Issue Copy Permalink