CRITICAL🇵🇱 Wersja polska

CVE-2022-47893

CVSS 10.0v3.1pub. 2023-10-03upd. 2024-11-21

There is a remote code execution vulnerability that affects all versions of NetMan 204. A remote attacker could upload a firmware file containing a webshell, that could allow him to execute arbitrary code as root.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Riello Ups Netman 204

    HW
    Riello-Ups
    wszystkie wersje
  • Riello Ups Netman 204 Firmware

    OS
    Riello-Ups
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2024-8878CRITICAL10.0PL ✓ten sam produkt

Podatność mechanizmu odzyskiwania hasła w Riello Netman 204 umożliwia przejęcie urządzenia

CVE-2017-6900CRITICAL9.8ten sam produkt

An issue was discovered in Riello NetMan 204 14-2 and 15-2. The issue is with the login script and wrongpass P...

CVE-2022-47891HIGH8.1ten sam produkt

All versions of NetMan 204 allow an attacker that knows the MAC and serial number of the device to reset the a...

CVE-2022-3372HIGH8.8ten sam produkt

There is a CSRF vulnerability on Netman-204 version 02.05. An attacker could manage to change administrator pa...

CVE-2024-8877MEDIUM6.9ten sam produkt

Improper neutralization of special elements results in a SQL Injection vulnerability in Riello Netman 204. It ...