Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to execute arbitrary commands via shell metacharacters to certain /goform/* pages.
References
Link | Resource |
---|---|
https://www.riskbasedsecurity.com/research/RBS-2016-004.pdf | Exploit Technical Description Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Information
Published : 2017-04-02 22:59
Updated : 2017-04-10 10:05
NVD link : CVE-2016-10312
Mitre link : CVE-2016-10312
JSON object : View
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Products Affected
jensenofscandinavia
- al5000ac
- al3g_firmware
- al59300_firmware
- al59300
- al3g
- al5000ac_firmware