Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Microhard Bullet-LTE and IPn4Gii AT+MFPORTFWD Argument Injection
Vulnerability Description
Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MFPORTFWD command that can lead to privilege escalation. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')," and is estimated as a CVSS 7.1 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). This issue has not been generally fixed at the time of this CVE record's first publishing.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
参数注入或修改
Vulnerability Title
Microhard Bullet-LTE和Microhard IPn4Gii-NA2 安全漏洞
Vulnerability Description
Microhard Bullet-LTE和Microhard IPn4Gii-NA2都是加拿大Microhard公司的产品。Microhard Bullet-LTE是一款工业串行网关。该产品采用4G / HSPA + / LTE网络基础架构,提供了紧凑,坚固,功能强大的工业强度无线解决方案Microhard IPn4Gii-NA2是一款网关设备。 Microhard Bullet-LTE和Microhard IPn4Gii-NA2存在安全漏洞,该漏洞源于AT+MFPORTFWD命令存在认证后命令注入,可能
CVSS Information
N/A
Vulnerability Type
N/A