CVE-2024-7467

A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90 and classified as critical. Affected by this issue is the function sslvpn_config_mod of the file /vpn/list_ip_network.php of the component Web Interface. The manipulation of the argument template/stylenum leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273560. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:raisecom:msg2300_firmware:3.90:*:*:*:*:*:*:*
cpe:2.3:h:raisecom:msg2300:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:raisecom:msg2100e_firmware:3.90:*:*:*:*:*:*:*
cpe:2.3:h:raisecom:msg2100e:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:raisecom:msg2200_firmware:3.90:*:*:*:*:*:*:*
cpe:2.3:h:raisecom:msg2200:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:raisecom:msg1200_firmware:3.90:*:*:*:*:*:*:*
cpe:2.3:h:raisecom:msg1200:-:*:*:*:*:*:*:*

History

06 Aug 2024, 17:31

Type Values Removed Values Added
CPE cpe:2.3:o:raisecom:msg1200_firmware:3.90:*:*:*:*:*:*:*
cpe:2.3:o:raisecom:msg2200_firmware:3.90:*:*:*:*:*:*:*
cpe:2.3:h:raisecom:msg1200:-:*:*:*:*:*:*:*
cpe:2.3:o:raisecom:msg2100e_firmware:3.90:*:*:*:*:*:*:*
cpe:2.3:h:raisecom:msg2100e:-:*:*:*:*:*:*:*
cpe:2.3:h:raisecom:msg2300:-:*:*:*:*:*:*:*
cpe:2.3:h:raisecom:msg2200:-:*:*:*:*:*:*:*
cpe:2.3:o:raisecom:msg2300_firmware:3.90:*:*:*:*:*:*:*
CVSS v2 : 6.5
v3 : 6.3
v2 : 6.5
v3 : 9.8
First Time Raisecom msg2100e
Raisecom msg2200
Raisecom msg2200 Firmware
Raisecom msg1200
Raisecom msg2300 Firmware
Raisecom msg2300
Raisecom msg2100e Firmware
Raisecom msg1200 Firmware
Raisecom
References () https://github.com/h0e4a0r1t/h0e4a0r1t.github.io/blob/master/2024/sQrromK7x42JbLgY/Command%20Injection%20Vulnerability%20in%20RAISECOM%20Gateway%20Devices-list_ip_network.php.pdf - () https://github.com/h0e4a0r1t/h0e4a0r1t.github.io/blob/master/2024/sQrromK7x42JbLgY/Command%20Injection%20Vulnerability%20in%20RAISECOM%20Gateway%20Devices-list_ip_network.php.pdf - Broken Link, Exploit, Technical Description, Third Party Advisory
References () https://vuldb.com/?ctiid.273560 - () https://vuldb.com/?ctiid.273560 - Permissions Required, VDB Entry
References () https://vuldb.com/?id.273560 - () https://vuldb.com/?id.273560 - VDB Entry
References () https://vuldb.com/?submit.385347 - () https://vuldb.com/?submit.385347 - Third Party Advisory, VDB Entry

05 Aug 2024, 12:41

Type Values Removed Values Added
Summary
  • (es) Una vulnerabilidad fue encontrada en Raisecom MSG1200, MSG2100E, MSG2200 y MSG2300 3.90 y clasificada como crítica. La función sslvpn_config_mod del archivo /vpn/list_ip_network.php del componente Web Interface es afectada por esta vulnerabilidad. La manipulación del argumento template/stylenum conduce a la inyección de comandos del sistema operativo. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado al público y puede utilizarse. El identificador de esta vulnerabilidad es VDB-273560. NOTA: Se contactó primeramente con el proveedor sobre esta divulgación, pero no respondió de ninguna manera.

05 Aug 2024, 03:16

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-05 03:16

Updated : 2024-08-06 17:31


NVD link : CVE-2024-7467

Mitre link : CVE-2024-7467

CVE.ORG link : CVE-2024-7467


JSON object : View

Products Affected

raisecom

  • msg2200
  • msg2100e_firmware
  • msg2300_firmware
  • msg1200_firmware
  • msg2100e
  • msg2200_firmware
  • msg2300
  • msg1200
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')