Refine your search
6 vulnerabilities found for mc_lr_router_firmware by mc-technologies
CVE-2024-28027 (GCVE-0-2024-28027)
Vulnerability from nvd
Published
2024-11-21 14:41
Modified
2025-11-03 21:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
Three OS command injection vulnerabilities exist in the web interface I/O configuration functionality of MC Technologies MC LR Router 2.10.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability refers to the authetnicated OS Command injection that occurs through the attacker-controlled `timer1` parameter, at offset `0x8e80`.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MC Technologies | MC LR Router |
Version: 2.10.5 (QEMU) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:mc_technologies:mc_lr_router:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mc_lr_router",
"vendor": "mc_technologies",
"versions": [
{
"status": "affected",
"version": "2.10.5qemu"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28027",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-22T14:16:17.471625Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T14:18:19.229Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:54:18.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1953"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MC LR Router",
"vendor": "MC Technologies",
"versions": [
{
"status": "affected",
"version": "2.10.5 (QEMU)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Matt Wiseman of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "Three OS command injection vulnerabilities exist in the web interface I/O configuration functionality of MC Technologies MC LR Router 2.10.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability refers to the authetnicated OS Command injection that occurs through the attacker-controlled `timer1` parameter, at offset `0x8e80`."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T14:41:20.405Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1953",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1953"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2024-28027",
"datePublished": "2024-11-21T14:41:20.405Z",
"dateReserved": "2024-02-29T21:52:03.205Z",
"dateUpdated": "2025-11-03T21:54:18.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-28026 (GCVE-0-2024-28026)
Vulnerability from nvd
Published
2024-11-21 14:41
Modified
2025-11-03 21:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
Three OS command injection vulnerabilities exist in the web interface I/O configuration functionality of MC Technologies MC LR Router 2.10.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability refers to the authenticated OS Command Injection that occurs through the attacker-controlled `out1` parameter, at offset `0x8efc`.
int out_ret = sscanf(current_param->key, "out%u", &io_idx);
if (out_ret == 1 && io_idx == 1)
{
// [4] Similar to `3`, but `out1` instead of `btn1`
if (asprintf(&command, "/usr/sbin/vout %s %u vo_manual", current_param->value, 1) > 0)
{
system(command);
return -1;
}
}
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MC Technologies | MC LR Router |
Version: 2.10.5 (QEMU) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:mc_technologies:mc_lr_router:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mc_lr_router",
"vendor": "mc_technologies",
"versions": [
{
"status": "affected",
"version": "2.10.5qemu"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28026",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-22T14:21:55.406688Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T14:22:47.416Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:54:17.509Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1953"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MC LR Router",
"vendor": "MC Technologies",
"versions": [
{
"status": "affected",
"version": "2.10.5 (QEMU)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Matt Wiseman of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "Three OS command injection vulnerabilities exist in the web interface I/O configuration functionality of MC Technologies MC LR Router 2.10.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability refers to the authenticated OS Command Injection that occurs through the attacker-controlled `out1` parameter, at offset `0x8efc`.\r\n\r\n \r\n int out_ret = sscanf(current_param-\u003ekey, \"out%u\", \u0026io_idx);\r\n if (out_ret == 1 \u0026\u0026 io_idx == 1)\r\n {\r\n // [4] Similar to `3`, but `out1` instead of `btn1`\r\n if (asprintf(\u0026command, \"/usr/sbin/vout %s %u vo_manual\", current_param-\u003evalue, 1) \u003e 0)\r\n {\r\n system(command);\r\n return -1;\r\n }\r\n }"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T14:41:20.234Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1953",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1953"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2024-28026",
"datePublished": "2024-11-21T14:41:20.234Z",
"dateReserved": "2024-02-29T21:52:03.205Z",
"dateUpdated": "2025-11-03T21:54:17.509Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-28025 (GCVE-0-2024-28025)
Vulnerability from nvd
Published
2024-11-21 14:41
Modified
2025-11-03 21:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
Three OS command injection vulnerabilities exist in the web interface I/O configuration functionality of MC Technologies MC LR Router 2.10.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability refers to the authenticated OS Command Injection that occurs through the attacker-controlled `btn1` parameter, at offset `0x8eb0`.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MC Technologies | MC LR Router |
Version: 2.10.5 (QEMU) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:mc_technologies:mc_lr_router:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mc_lr_router",
"vendor": "mc_technologies",
"versions": [
{
"status": "affected",
"version": "2.10.5qemu"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28025",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-22T14:23:08.783606Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T14:23:59.618Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:54:16.025Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1953"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MC LR Router",
"vendor": "MC Technologies",
"versions": [
{
"status": "affected",
"version": "2.10.5 (QEMU)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Matt Wiseman of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "Three OS command injection vulnerabilities exist in the web interface I/O configuration functionality of MC Technologies MC LR Router 2.10.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability refers to the authenticated OS Command Injection that occurs through the attacker-controlled `btn1` parameter, at offset `0x8eb0`."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T14:41:20.018Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1953",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1953"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2024-28025",
"datePublished": "2024-11-21T14:41:20.018Z",
"dateReserved": "2024-02-29T21:52:03.205Z",
"dateUpdated": "2025-11-03T21:54:16.025Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-28027 (GCVE-0-2024-28027)
Vulnerability from cvelistv5
Published
2024-11-21 14:41
Modified
2025-11-03 21:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
Three OS command injection vulnerabilities exist in the web interface I/O configuration functionality of MC Technologies MC LR Router 2.10.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability refers to the authetnicated OS Command injection that occurs through the attacker-controlled `timer1` parameter, at offset `0x8e80`.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MC Technologies | MC LR Router |
Version: 2.10.5 (QEMU) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:mc_technologies:mc_lr_router:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mc_lr_router",
"vendor": "mc_technologies",
"versions": [
{
"status": "affected",
"version": "2.10.5qemu"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28027",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-22T14:16:17.471625Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T14:18:19.229Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:54:18.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1953"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MC LR Router",
"vendor": "MC Technologies",
"versions": [
{
"status": "affected",
"version": "2.10.5 (QEMU)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Matt Wiseman of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "Three OS command injection vulnerabilities exist in the web interface I/O configuration functionality of MC Technologies MC LR Router 2.10.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability refers to the authetnicated OS Command injection that occurs through the attacker-controlled `timer1` parameter, at offset `0x8e80`."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T14:41:20.405Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1953",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1953"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2024-28027",
"datePublished": "2024-11-21T14:41:20.405Z",
"dateReserved": "2024-02-29T21:52:03.205Z",
"dateUpdated": "2025-11-03T21:54:18.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-28026 (GCVE-0-2024-28026)
Vulnerability from cvelistv5
Published
2024-11-21 14:41
Modified
2025-11-03 21:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
Three OS command injection vulnerabilities exist in the web interface I/O configuration functionality of MC Technologies MC LR Router 2.10.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability refers to the authenticated OS Command Injection that occurs through the attacker-controlled `out1` parameter, at offset `0x8efc`.
int out_ret = sscanf(current_param->key, "out%u", &io_idx);
if (out_ret == 1 && io_idx == 1)
{
// [4] Similar to `3`, but `out1` instead of `btn1`
if (asprintf(&command, "/usr/sbin/vout %s %u vo_manual", current_param->value, 1) > 0)
{
system(command);
return -1;
}
}
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MC Technologies | MC LR Router |
Version: 2.10.5 (QEMU) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:mc_technologies:mc_lr_router:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mc_lr_router",
"vendor": "mc_technologies",
"versions": [
{
"status": "affected",
"version": "2.10.5qemu"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28026",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-22T14:21:55.406688Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T14:22:47.416Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:54:17.509Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1953"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MC LR Router",
"vendor": "MC Technologies",
"versions": [
{
"status": "affected",
"version": "2.10.5 (QEMU)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Matt Wiseman of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "Three OS command injection vulnerabilities exist in the web interface I/O configuration functionality of MC Technologies MC LR Router 2.10.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability refers to the authenticated OS Command Injection that occurs through the attacker-controlled `out1` parameter, at offset `0x8efc`.\r\n\r\n \r\n int out_ret = sscanf(current_param-\u003ekey, \"out%u\", \u0026io_idx);\r\n if (out_ret == 1 \u0026\u0026 io_idx == 1)\r\n {\r\n // [4] Similar to `3`, but `out1` instead of `btn1`\r\n if (asprintf(\u0026command, \"/usr/sbin/vout %s %u vo_manual\", current_param-\u003evalue, 1) \u003e 0)\r\n {\r\n system(command);\r\n return -1;\r\n }\r\n }"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T14:41:20.234Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1953",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1953"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2024-28026",
"datePublished": "2024-11-21T14:41:20.234Z",
"dateReserved": "2024-02-29T21:52:03.205Z",
"dateUpdated": "2025-11-03T21:54:17.509Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-28025 (GCVE-0-2024-28025)
Vulnerability from cvelistv5
Published
2024-11-21 14:41
Modified
2025-11-03 21:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
Three OS command injection vulnerabilities exist in the web interface I/O configuration functionality of MC Technologies MC LR Router 2.10.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability refers to the authenticated OS Command Injection that occurs through the attacker-controlled `btn1` parameter, at offset `0x8eb0`.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MC Technologies | MC LR Router |
Version: 2.10.5 (QEMU) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:mc_technologies:mc_lr_router:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mc_lr_router",
"vendor": "mc_technologies",
"versions": [
{
"status": "affected",
"version": "2.10.5qemu"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28025",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-22T14:23:08.783606Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T14:23:59.618Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:54:16.025Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1953"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MC LR Router",
"vendor": "MC Technologies",
"versions": [
{
"status": "affected",
"version": "2.10.5 (QEMU)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Matt Wiseman of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "Three OS command injection vulnerabilities exist in the web interface I/O configuration functionality of MC Technologies MC LR Router 2.10.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability refers to the authenticated OS Command Injection that occurs through the attacker-controlled `btn1` parameter, at offset `0x8eb0`."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T14:41:20.018Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1953",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1953"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2024-28025",
"datePublished": "2024-11-21T14:41:20.018Z",
"dateReserved": "2024-02-29T21:52:03.205Z",
"dateUpdated": "2025-11-03T21:54:16.025Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}