CVE-2013-2802

The universal protocol implementation in Sixnet UDR before 2.0 and RTU firmware before 4.8 allows remote attackers to execute arbitrary code; read, modify, or create files; or obtain file metadata via function opcodes.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sixnet:udr:*:*:*:*:*:*:*:*
cpe:2.3:o:sixnet:rtu_firmware:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:52

Type Values Removed Values Added
References () http://ics-cert.us-cert.gov/advisories/ICSA-13-231-01 - US Government Resource () http://ics-cert.us-cert.gov/advisories/ICSA-13-231-01 - US Government Resource

Information

Published : 2013-08-21 21:55

Updated : 2024-11-21 01:52


NVD link : CVE-2013-2802

Mitre link : CVE-2013-2802

CVE.ORG link : CVE-2013-2802


JSON object : View

Products Affected

sixnet

  • rtu_firmware
  • udr
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')