Motorola MR2600 ‘SaveSysLogParams’ Command Injection Vulnerability

EIP-552c9116 A command injection vulnerability exists in the ‘SaveSysLogParams’ parameter of the Motorola MR2600. A remote attacker can exploit this vulnerability to achieve command execution. Authentication is required, however can be bypassed. Vulnerability Identifier Exodus Intelligence: EIP-552c9116 MITRE: CVE-2024-23626 Vulnerability Metrics CVSSv2 Vector: AV:A/AC:L/Au:S/C:C/I:C/A:C CVSSv2 Score: 7.7 Vendor References The affected product is end-of-life and ... Read more Motorola MR2600 ‘SaveSysLogParams’ Command Injection Vulnerability The post Motorola MR2600 ‘SaveSysLogParams’ Command Injection Vulnerability appeared first on Exodus Intelligence .

EIP-552c9116 A command injection vulnerability exists in the ‘SaveSysLogParams’ parameter of the Motorola MR2600. A remote attacker can exploit this vulnerability to achieve command execution. Authentication is required, however can be bypassed. Vulnerability Identifier Exodus Intelligence: EIP-552c9116 MITRE: CVE-2024-23626 Vulnerability Metrics CVSSv2 Vector: AV:A/AC:L/Au:S/C:C/I:C/A:C CVSSv2 Score: 7.7 Vendor References The affected product is end-of-life and ... Read more Motorola MR2600 ‘SaveSysLogParams’ Command Injection Vulnerability The post Motorola MR2600 ‘SaveSysLogParams’ Command Injection Vulnerability appeared first on Exodus Intelligence . EIP-552c9116 A command injection vulnerability exists in the ‘SaveSysLogParams’ parameter of the Motorola MR2600. A remote attacker can exploit this vulnerability to achieve command execution. Authentication is required, however can be bypassed. Vulnerability Identifier Exodus Intelligence: EIP-552c9116 MITRE: CVE-2024-23626 Vulnerability Metrics CVSSv2 Vector: AV:A/AC:L/Au:S/C:C/I:C/A:C CVSSv2 Score: 7.7 Vendor References The affected product is end-of-life and no patches are available. Discovery Credit Exodus Intelligence Disclosure Timeline Disclosed to Vendor: April 29, 2021 Disclosed to public: January 25, 2024 Further Information Readers of this advisory who are interested in receiving further details around the vulnerability, mitigations, detection guidance, and more can contact us at [email protected] The post Motorola MR2600 ‘SaveSysLogParams’ Command Injection Vulnerability appeared first on Exodus Intelligence .