CVE-2019-14931

{"id": "CVE-2019-14931", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2019-10-28T13:15:11.053", "references": [{"url": "https://www.mogozobo.com/", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.mogozobo.com/?p=3593", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered on Mitsubishi Electric Europe B.V. ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. An unauthenticated remote OS Command Injection vulnerability allows an attacker to execute arbitrary commands on the RTU due to the passing of unsafe user supplied data to the RTU's system shell. Functionality in mobile.php provides users with the ability to ping sites or IP addresses via Mobile Connection Test. When the Mobile Connection Test is submitted, action.php is called to execute the test. An attacker can use a shell command separator (;) in the host variable to execute operating system commands upon submitting the test data."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en los dispositivos Mitsubishi Electric ME-RTU versiones hasta las versi\u00f3n 2.02 y los dispositivos INEA ME-RTU versiones hasta la versi\u00f3n 3.0. Una vulnerabilidad de inyecci\u00f3n de comandos de Sistema Operativo remota no autenticada permite a un atacante ejecutar comandos arbitrarios en la RTU debido al paso de datos no seguros suministrados por el usuario hacia el shell del sistema de la RTU. Una funcionalidad en el archivo mobile.php provee a usuarios la capacidad de hacer ping a sitios o direcciones IP por medio de Mobile Connection Test. Cuando la Mobile Connection Test es enviada, se llama al archivo action.php para ejecutar la prueba. Un atacante puede utilizar un separador de comandos de shell (;) en la variable del host para ejecutar comandos del sistema operativo sobre el env\u00edo de los datos de prueba."}], "lastModified": "2024-09-10T17:15:14.630", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishielectric:smartrtu_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62D6CAA7-11E1-4DF2-A9BD-EC71AE7CD166", "versionEndIncluding": "2.02"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishielectric:smartrtu:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1EF90DA0-55C7-4765-9DEE-80145752961D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:inea:me-rtu_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDC6C049-B15B-4FC2-9DDF-915381E6D114", "versionEndIncluding": "3.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:inea:me-rtu:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FD7F8299-4A9C-4B93-A35A-68C6D43855CC"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}