A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which is not the default configuration)). The web server of affected devices allows to write arbitrary files to the web server's DocumentRoot directory.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/html/ssa-333468.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
History
30 Oct 2024, 15:54
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.1 |
CPE | cpe:2.3:o:siemens:intermesh_7177_hybrid_2.0_subscriber:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:intermesh_7707_fire_subscriber_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:intermesh_7177_hybrid_2.0_subscriber:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:intermesh_7707_fire_subscriber:-:*:*:*:*:*:*:* |
|
First Time |
Siemens intermesh 7707 Fire Subscriber Firmware
Siemens intermesh 7177 Hybrid 2.0 Subscriber Siemens intermesh 7707 Fire Subscriber Siemens |
|
CWE | NVD-CWE-noinfo | |
References | () https://cert-portal.siemens.com/productcert/html/ssa-333468.html - Vendor Advisory |
25 Oct 2024, 12:56
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
23 Oct 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-23 15:15
Updated : 2024-10-30 15:54
NVD link : CVE-2024-47903
Mitre link : CVE-2024-47903
CVE.ORG link : CVE-2024-47903
JSON object : View
Products Affected
siemens
- intermesh_7177_hybrid_2.0_subscriber
- intermesh_7707_fire_subscriber_firmware
- intermesh_7707_fire_subscriber
CWE