GCVE - cpe:2.3:o:alientechnology:alr-f800_firmware:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:alientechnology:alr-f800_firmware:*:*:*:*:*:*:*:*

part: o version: * update: *

Vendor	Alientechnology (`c295c3f5-f7a9-5da3-80e7-aa2bf47925ea`)
Product	Alr F800 Firmware (`de406aad-2ef3-5a3c-9457-b2411bb3ae7e`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-7580`	vulnerable	2026-06-08 06:58:22.748787	Alien Technology ALR-F800 system.html os command injection MEDIUM (6.3) A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/system.html. The manipulation of the argument uploadedFile with the input ;whoami leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Published: 2024-08-07T14:31:04.007Z Updated: 2024-08-22T15:40:34.979Z Open on db.gcve.eu Reference links https://vuldb.com/?id.273860 https://vuldb.com/?ctiid.273860 https://vuldb.com/?submit.382481 https://github.com/Push3AX/vul/blob/main/Alien%20Technology%20/ALR-F800.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-7579`	vulnerable	2026-06-08 06:58:22.747958	Alien Technology ALR-F800 File Name upgrade.cgi popen os command injection MEDIUM (6.3) A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been declared as critical. Affected by this vulnerability is the function popen of the file /var/www/cgi-bin/upgrade.cgi of the component File Name Handler. The manipulation of the argument uploadedFile leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Published: 2024-08-07T14:00:08.086Z Updated: 2024-08-07T15:24:06.724Z Open on db.gcve.eu Reference links https://vuldb.com/?id.273859 https://vuldb.com/?ctiid.273859 https://vuldb.com/?submit.382470 https://github.com/Push3AX/vul/blob/main/Alien%20Technology%20/ALR-F800.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-7578`	vulnerable	2026-06-08 06:58:22.745696	Alien Technology ALR-F800 cmd.php improper authorization HIGH (7.3) A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been classified as critical. Affected is an unknown function of the file /var/www/cmd.php. The manipulation of the argument cmd leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Published: 2024-08-07T13:00:07.939Z Updated: 2024-08-07T17:19:31.123Z Open on db.gcve.eu Reference links https://vuldb.com/?id.273858 https://vuldb.com/?ctiid.273858 https://vuldb.com/?submit.382469 https://github.com/Push3AX/vul/blob/main/Alien%20Technology%20/ALR-F800.md	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.