CVE-2024-7029

Commands can be injected over the network and executed without authentication.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:avtech:avm1203_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:avtech:avm1203:-:*:*:*:*:*:*:*

History

17 Sep 2024, 13:30

Type Values Removed Values Added
References () https://www.akamai.com/blog/security-research/2024-corona-mirai-botnet-infects-zero-day-sirt - () https://www.akamai.com/blog/security-research/2024-corona-mirai-botnet-infects-zero-day-sirt - Exploit, Third Party Advisory
References () https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-07 - () https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-07 - Third Party Advisory, US Government Resource
First Time Avtech avm1203 Firmware
Avtech
Avtech avm1203
CPE cpe:2.3:o:avtech:avm1203_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:avtech:avm1203:-:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 8.8
v2 : unknown
v3 : 9.8

30 Aug 2024, 21:15

Type Values Removed Values Added
References
  • () https://www.akamai.com/blog/security-research/2024-corona-mirai-botnet-infects-zero-day-sirt -

05 Aug 2024, 12:41

Type Values Removed Values Added
Summary
  • (es) Los comandos pueden inyectarse a través de la red y ejecutarse sin autenticación.

02 Aug 2024, 15:16

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-02 15:16

Updated : 2024-09-17 13:30


NVD link : CVE-2024-7029

Mitre link : CVE-2024-7029

CVE.ORG link : CVE-2024-7029


JSON object : View

Products Affected

avtech

  • avm1203
  • avm1203_firmware
CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')