Raisecom MSG2200 Firmware 3.90
Approved changes feed: RSS · Atom
cpe:2.3:o:raisecom:msg2200_firmware:3.90:*:*:*:*:*:*:*
part: o version: 3.90 update: *
| Vendor | Raisecom (1f5e070d-6da4-58a1-acf5-87a08ad821d6) |
|---|---|
| Product | Msg2200 Firmware (4c404847-f5d9-5129-997d-c6ce711f22b9) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-7470 |
vulnerable | 2026-06-03 14:58:05.972065 |
Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 Web Interface vpn_template_style.php sslvpn_config_mod os command injection
MEDIUM (6.3)
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. It has been rated as critical. This issue affects the function sslvpn_config_mod of the file /vpn/vpn_template_style.php of the component Web Interface. The manipulation of the argument template/stylenum leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273563. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2024-08-05T04:00:09.079Z
Updated: 2024-08-06T20:22:22.952Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-7469 |
vulnerable | 2026-06-03 14:58:05.970970 |
Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 Web Interface list_vpn_web_custom.php sslvpn_config_mod os command injection
MEDIUM (6.3)
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. It has been declared as critical. This vulnerability affects the function sslvpn_config_mod of the file /vpn/list_vpn_web_custom.php of the component Web Interface. The manipulation of the argument template/stylenum leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273562 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2024-08-05T03:31:04.492Z
Updated: 2024-08-05T10:15:23.547Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-7468 |
vulnerable | 2026-06-03 14:58:05.969965 |
Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 Web Interface list_service_manage.php sslvpn_config_mod os command injection
MEDIUM (6.3)
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. It has been classified as critical. This affects the function sslvpn_config_mod of the file /vpn/list_service_manage.php of the component Web Interface. The manipulation of the argument template/stylenum leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273561 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2024-08-05T03:00:09.370Z
Updated: 2024-08-05T15:30:35.443Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-7467 |
vulnerable | 2026-06-03 14:58:05.966019 |
Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 Web Interface list_ip_network.php sslvpn_config_mod os command injection
MEDIUM (6.3)
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90 and classified as critical. Affected by this issue is the function sslvpn_config_mod of the file /vpn/list_ip_network.php of the component Web Interface. The manipulation of the argument template/stylenum leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273560. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2024-08-05T02:31:03.618Z
Updated: 2024-08-06T20:23:07.949Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-7120 |
vulnerable | 2026-06-03 14:58:05.092312 |
Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 Web Interface list_base_config.php os command injection
MEDIUM (6.3)
A vulnerability, which was classified as critical, was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. This affects an unknown part of the file list_base_config.php of the component Web Interface. The manipulation of the argument template leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-272451.
Published: 2024-07-26T05:00:07.432Z
Updated: 2024-08-01T21:52:30.336Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-55516 |
vulnerable | 2026-06-03 14:57:42.023887 |
Details available
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 v3.90. The component affected by this issue is /upload_sysconfig.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded, potentially leading to unauthorized access to server permissions.
Published: 2024-12-17T00:00:00.000Z
Updated: 2024-12-18T15:57:47.406Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-55515 |
vulnerable | 2026-06-03 14:57:42.023232 |
Details available
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component affected by this issue is /upload_ipslib.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded.
Published: 2024-12-17T00:00:00.000Z
Updated: 2024-12-18T16:00:45.758Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-55514 |
vulnerable | 2026-06-03 14:57:42.022759 |
Details available
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component affected by this issue is /upload_sfmig.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded, potentially leading to unauthorized access to server permissions.
Published: 2024-12-17T00:00:00.000Z
Updated: 2024-12-18T15:39:26.722Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-55513 |
vulnerable | 2026-06-03 14:57:42.020488 |
Details available
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component affected by this issue is /upload_netaction.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded, potentially leading to unauthorized access to server permissions.
Published: 2024-12-17T00:00:00.000Z
Updated: 2024-12-18T16:02:30.445Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.