HIGH🇬🇧 English

CVE-2023-49692

CVSS 7.2v3.1pub. 2023-12-12upd. 2024-11-21

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.2.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.2.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.2.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.2.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V7.2.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.2.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.2.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.2.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V7.2.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V7.2.2). An Improper Neutralization of Special Elements used in an OS Command with root privileges vulnerability exists in the parsing of the IPSEC configuration. This could allow malicious local administrators to issue commands on system level after a new connection is established.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Siemens 6gk5615 0aa00 2aa2

    HW
    Siemens
    wszystkie wersje
  • Siemens 6gk5615 0aa00 2aa2 Firmware

    OS
    Siemens
    < 7.2.2
  • Siemens 6gk5615 0aa01 2aa2

    HW
    Siemens
    wszystkie wersje
  • Siemens 6gk5615 0aa01 2aa2 Firmware

    OS
    Siemens
    < 7.2.2
  • Siemens 6gk5804 0ap00 2aa2

    HW
    Siemens
    wszystkie wersje
  • Siemens 6gk5804 0ap00 2aa2 Firmware

    OS
    Siemens
    < 7.2.2
  • Siemens 6gk5812 1aa00 2aa2

    HW
    Siemens
    wszystkie wersje
  • Siemens 6gk5812 1aa00 2aa2 Firmware

    OS
    Siemens
    < 7.2.2
  • Siemens 6gk5812 1ba00 2aa2

    HW
    Siemens
    wszystkie wersje
  • Siemens 6gk5812 1ba00 2aa2 Firmware

    OS
    Siemens
    < 7.2.2
  • Siemens 6gk5816 1aa00 2aa2

    HW
    Siemens
    wszystkie wersje
  • Siemens 6gk5816 1aa00 2aa2 Firmware

    OS
    Siemens
    < 7.2.2
  • Siemens 6gk5816 1ba00 2aa2

    HW
    Siemens
    wszystkie wersje
  • Siemens 6gk5816 1ba00 2aa2 Firmware

    OS
    Siemens
    < 7.2.2
  • Siemens 6gk5826 2ab00 2ab2

    HW
    Siemens
    wszystkie wersje
  • Siemens 6gk5826 2ab00 2ab2 Firmware

    OS
    Siemens
    < 7.2.2
  • Siemens 6gk5853 2ea00 2da1

    HW
    Siemens
    wszystkie wersje
  • Siemens 6gk5853 2ea00 2da1 Firmware

    OS
    Siemens
    < 7.2.2
  • Siemens 6gk5856 2ea00 3aa1

    HW
    Siemens
    wszystkie wersje
  • Siemens 6gk5856 2ea00 3aa1 Firmware

    OS
    Siemens
    < 7.2.2
  • Siemens 6gk5856 2ea00 3da1

    HW
    Siemens
    wszystkie wersje
  • Siemens 6gk5856 2ea00 3da1 Firmware

    OS
    Siemens
    < 7.2.2
  • Siemens 6gk5874 2aa00 2aa2

    HW
    Siemens
    wszystkie wersje
  • Siemens 6gk5874 2aa00 2aa2 Firmware

    OS
    Siemens
    < 7.2.2
  • Siemens 6gk5874 3aa00 2aa2

    HW
    Siemens
    wszystkie wersje
  • Siemens 6gk5874 3aa00 2aa2 Firmware

    OS
    Siemens
    < 7.2.2
  • Siemens 6gk5876 3aa02 2ba2

    HW
    Siemens
    wszystkie wersje
  • Siemens 6gk5876 3aa02 2ba2 Firmware

    OS
    Siemens
    < 7.2.2
  • Siemens 6gk5876 3aa02 2ea2

    HW
    Siemens
    wszystkie wersje
  • Siemens 6gk5876 3aa02 2ea2 Firmware

    OS
    Siemens
    < 7.2.2
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Command Injection
CWE
Referencje

Powiązane podatności

CVE-2023-49691HIGH7.2ten sam produkt

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.0),...

CVE-2022-31765HIGH8.8ten sam produkt

Affected devices do not properly authorize the change password function of the web interface. This could allo...

CVE-2021-41990HIGH7.5ten sam produkt

The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSAS...

CVE-2026-0300CRITICAL9.3⚠ KEVPL ✓ten sam vendor

Buffer overflow RCE z uprawnieniami root w PAN-OS Captive Portal

CVE-2026-24858CRITICAL9.8⚠ KEVPL ✓ten sam vendor

Fortinet – Auth Bypass przez FortiCloud SSO w wielu produktach