CRITICAL🇵🇱 Wersja polska

CVE-2024-23630

CVSS 9.0v3.1pub. 2024-01-26upd. 2024-11-21

An arbitrary firmware upload vulnerability exists in the Motorola MR2600. An attacker can exploit this vulnerability to achieve code execution on the device. Authentication is required, however can be bypassed.

CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  • Motorola Mr2600

    HW
    Motorola
    wszystkie wersje
  • Motorola Mr2600 Firmware

    OS
    Motorola
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-23626CRITICAL9.0PL ✓ten sam produkt

Command injection w parametrze SaveSysLogParams routera Motorola MR2600

CVE-2024-23627CRITICAL9.0PL ✓ten sam produkt

Command injection w parametrze SaveStaticRouteIPv4Params routera Motorola MR2600

CVE-2024-23628CRITICAL9.0PL ✓ten sam produkt

Command injection w Motorola MR2600 — parametr SaveStaticRouteIPv6Params

CVE-2024-23629CRITICAL9.6PL ✓ten sam produkt

Authentication bypass w routerze Motorola MR2600 — dostęp do chronionych zasobów

CVE-2022-34885HIGH7.2ten sam produkt

An improper input sanitization vulnerability in the Motorola MR2600 router could allow a local user with eleva...