Published: 09/02/2017 Updated: 09/10/2018

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware prior to 3G10WVE-L101-S306ETS-C01_R05 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the DIA_IPADDRESS parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
netcommwireless hspa_3g10wve_firmware 3g10wve-l101-s306ets-c01_r03

Title: ==== NetCommWireless HSPA 3G10WVE Wireless Router – Multiple vulnerabilities Credit: ====== Name: Bhadresh Patel Company/affiliation: HelpAG Website: wwwhelpagcom CVE: ===== CVE-2015-6023, CVE-2015-6024 Date: ==== 03-05-2016 (dd/mm/yyyy) Vendor: ====== NetComm Wireless is a leading developer and supplier of high performance comm ...

CWE-77 https://www.exploit-db.com/exploits/39762/http://seclists.org/fulldisclosure/2016/May/18 http://seclists.org/fulldisclosure/2016/May/13 http://packetstormsecurity.com/files/136901/NetCommWireless-HSPA-3G10WVE-Authentication-Bypass-Code-Execution.html http://www.securityfocus.com/archive/1/538297/100/0/threaded http://www.securityfocus.com/archive/1/538263/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/39762/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-6024

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect