Multiple OS Command Injection vulnerabilities affecting Kasda LinkSmart Router KW6512 <= v1.3 enable an authenticated remote attacker to execute arbitrary OS commands via various cgi parameters.
History

Wed, 27 Nov 2024 17:15:00 +0000

Type Values Removed Values Added
First Time appeared Kasda
Kasda kw6512 Firmware
Weaknesses CWE-77
CPEs cpe:2.3:o:kasda:kw6512_firmware:*:*:*:*:*:*:*:*
Vendors & Products Kasda
Kasda kw6512 Firmware
Metrics cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 20 Nov 2024 21:00:00 +0000

Type Values Removed Values Added
Description Multiple OS Command Injection vulnerabilities affecting Kasda KW6512 router software version KW6512_Linux_V1.0 enable an authenticated remote attacker to execute arbitrary OS commands via Quick Setup and Internet page parameters passed to internet.cgi. Multiple OS Command Injection vulnerabilities affecting Kasda LinkSmart Router KW6512 <= v1.3 enable an authenticated remote attacker to execute arbitrary OS commands via various cgi parameters.

Wed, 20 Nov 2024 18:00:00 +0000

Type Values Removed Values Added
Description Multiple OS Command Injection vulnerabilities affecting Kasda KW6512 router software version KW6512_Linux_V1.0 enable an authenticated remote attacker to execute arbitrary OS commands via Quick Setup and Internet page parameters passed to internet.cgi.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-11-20T00:00:00

Updated: 2024-11-27T16:39:50.660Z

Reserved: 2024-03-19T00:00:00

Link: CVE-2024-29292

cve-icon Vulnrichment

Updated: 2024-11-27T16:39:44.159Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-11-20T18:15:22.970

Modified: 2024-11-27T17:15:10.383

Link: CVE-2024-29292

cve-icon Redhat

No data.