HIGH🇬🇧 English

CVE-2024-36475

CVSS 8.8v3.1pub. 2024-07-17upd. 2024-11-21

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain an active debug code vulnerability. If a user who knows how to use the debug function logs in to the product, the debug function may be used and an arbitrary OS command may be executed.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Centurysys Futurenet Nxr 1200

    HW
    Centurysys
    wszystkie wersje
  • Centurysys Futurenet Nxr 1200 Firmware

    OS
    Centurysys
    wszystkie wersje
  • Centurysys Futurenet Nxr 120\/c

    HW
    Centurysys
    wszystkie wersje
  • Centurysys Futurenet Nxr 120\/c Firmware

    OS
    Centurysys
    wszystkie wersje
  • Centurysys Futurenet Nxr 125\/cx

    HW
    Centurysys
    wszystkie wersje
  • Centurysys Futurenet Nxr 125\/cx Firmware

    OS
    Centurysys
    wszystkie wersje
  • Centurysys Futurenet Nxr 1300 Firmware

    OS
    Centurysys
    < 7.4.10
  • Centurysys Futurenet Nxr 130\/c

    HW
    Centurysys
    wszystkie wersje
  • Centurysys Futurenet Nxr 130\/c Firmware

    OS
    Centurysys
    wszystkie wersje
  • Centurysys Futurenet Nxr 155\/c Firmware

    OS
    Centurysys
    wszystkie wersje
  • Centurysys Futurenet Nxr 160\/lw

    HW
    Centurysys
    wszystkie wersje
  • Centurysys Futurenet Nxr 160\/lw Firmware

    OS
    Centurysys
    < 21.8.4
  • Centurysys Futurenet Nxr 230\/c

    HW
    Centurysys
    wszystkie wersje
  • Centurysys Futurenet Nxr 230\/c Firmware

    OS
    Centurysys
    < 5.30.13
  • Centurysys Futurenet Nxr 350\/c

    HW
    Centurysys
    wszystkie wersje
  • Centurysys Futurenet Nxr 350\/c Firmware

    OS
    Centurysys
    < 5.30.9c
  • Centurysys Futurenet Nxr 530

    HW
    Centurysys
    wszystkie wersje
  • Centurysys Futurenet Nxr 530 Firmware

    OS
    Centurysys
    < 21.11.14
  • Centurysys Futurenet Nxr 610x Firmware

    OS
    Centurysys
    < 21.14.11c
  • Centurysys Futurenet Nxr 650

    HW
    Centurysys
    wszystkie wersje
  • Centurysys Futurenet Nxr 650 Firmware

    OS
    Centurysys
    < 21.16.2
  • Centurysys Futurenet Nxr G050 Firmware

    OS
    Centurysys
    < 21.12.10
  • Centurysys Futurenet Nxr G060 Firmware

    OS
    Centurysys
    < 21.15.6
  • Centurysys Futurenet Nxr G100 Firmware

    OS
    Centurysys
    < 6.23.11
  • Centurysys Futurenet Nxr G110 Firmware

    OS
    Centurysys
    < 21.7.32
  • Centurysys Futurenet Nxr G120 Firmware

    OS
    Centurysys
    < 21.15.2c
  • Centurysys Futurenet Nxr G180\/l Ca

    HW
    Centurysys
    wszystkie wersje
  • Centurysys Futurenet Nxr G180\/l Ca Firmware

    OS
    Centurysys
    < 21.7.28c
  • Centurysys Futurenet Nxr G200 Firmware

    OS
    Centurysys
    < 9.12.16
  • Centurysys Futurenet Vxr X64

    OS
    Centurysys
    < 21.7.32
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Command Injection
CWE
Referencje

Powiązane podatności

CVE-2024-31070CRITICAL9.1PL ✓ten sam produkt

Auth Bypass w FutureNet NXR/VXR/WXR — nieograniczony dostęp do usługi Telnet

CVE-2024-36491CRITICAL9.8PL ✓ten sam produkt

Command Injection w urządzeniach FutureNet NXR/VXR/WXR (Century Systems)

CVE-2008-6449MEDIUM4.0ten sam vendor

Cross-site request forgery (CSRF) vulnerability in multiple Century Systems routers including XR-410 before 1....