PT-2024-33111 · Shenzhen Tuoshi Network Communications Co. · Nr500-Ea Rg500Ueaabxcomslic

Published

2024-10-24

Updated

2024-10-25

CVE-2024-48440

CVSS v3.1

8.8

High

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLIC version 3.2.2543.12.18

Description A command injection issue was found in the component at command.asp.

Recommendations For version 3.2.2543.12.18, consider restricting access to the at command.asp component to minimize the risk of exploitation.

Fix

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

CVE-2024-48440

Affected Products

Nr500-Ea Rg500Ueaabxcomslic

PT-2024-33111 · Shenzhen Tuoshi Network Communications Co. · Nr500-Ea Rg500Ueaabxcomslic

CVE-2024-48440

Weakness Enumeration

Related Identifiers

Affected Products

References · 3