HIGH🇬🇧 English

CVE-2015-6023

CVSS 7.3v3.0pub. 2017-02-09upd. 2026-05-13

ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote attackers to bypass intended access restrictions via a direct request. NOTE: this issue can be combined with CVE-2015-6024 to execute arbitrary commands.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  • Netcommwireless Hspa 3g10wve

    HW
    Netcommwireless
    wszystkie wersje
  • Netcommwireless Hspa 3g10wve Firmware

    OS
    Netcommwireless
    3g10wve-l101-s306ets-c01_r03
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2015-6024CRITICAL9.8ten sam produkt

ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 al...

CVE-2022-4873CRITICAL9.8ten sam vendor

On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buffer overflow affects the sessionKey param...

CVE-2022-4874HIGH7.5ten sam vendor

Authentication bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows an unauthenticated user to ac...

CVE-2018-14782HIGH7.5ten sam vendor

NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The device allo...

CVE-2018-14783HIGH8.8ten sam vendor

NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. A cross-site re...