Motorola MR2600 Arbitrary Firmware Upload Vulnerability
2024-1-26 07:39:57 Author: blog.exodusintel.com(查看原文) 阅读量:11 收藏

EIP-d52674b0

An arbitrary firmware upload vulnerability exists in the Motorola MR2600. An attacker can exploit this vulnerability to achieve code execution on the device. Authentication is required, however can be bypassed.

Vulnerability Identifier

  • Exodus Intelligence: EIP-d52674b0
  • MITRE: CVE-2024-23630

Vulnerability Metrics

  • CVSSv2 Vector: AV:A/AC:L/Au:S/C:C/I:C/A:C
  • CVSSv2 Score: 7.7

Vendor References

  • The affected product is end-of-life and no patches are available.

Discovery Credit

  • Exodus Intelligence

Disclosure Timeline

  • Disclosed to Vendor: April 29, 2021
  • Disclosed to public: January 25, 2024

Further Information

Readers of this advisory who are interested in receiving further details around the vulnerability, mitigations, detection guidance, and more can contact us at [email protected]


文章来源: https://blog.exodusintel.com/2024/01/25/motorola-mr2600-arbitrary-firmware-upload-vulnerability/
如有侵权请联系:admin#unsafe.sh