Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OnCell G3470A-LTE Series: Authenticated Command Injection via webUploadKey
Vulnerability Description
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in the web key upload function. An attacker could modify the intended commands sent to target functions, which could cause malicious users to execute unauthorized commands.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
MOXA OnCell G3470A-LTE 安全漏洞
Vulnerability Description
MOXA OnCell G3470A-LTE是中国摩莎(MOXA)公司的系列蜂窝网关/路由器。 MOXA OnCell G3470A-LTE v1.7.7 及之前固件版本存在安全漏洞,该漏洞源于Web 密钥上传功能中缺少中和输入,攻击者利用该漏洞可以修改发送给目标函数的预期命令,从而导致恶意用户执行未经授权的命令。
CVSS Information
N/A
Vulnerability Type
N/A