CVE-2024-31977
Severity:
HIGH
Type:
CWE-78
OS Command Injections
Publication date:
24/07/2024
Last modified:
01/08/2024
Description
Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.5.5.1, devices allow OS Command Injection via shell metacharacters to the Ping or Traceroute utility.
Impact
Base Score 3.x
8.80
Severity 3.x
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:adtran:sdg_smartos:*:*:*:*:*:*:*:* | 12.5.5.1 (excluding) | |
cpe:2.3:o:adtran:834-5_firmware:11.1.0.101-202106231430:*:*:*:*:*:*:* | ||
cpe:2.3:h:adtran:834-5:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page