An arbitrary firmware upload vulnerability exists in the Motorola
MR2600. An attacker can exploit this vulnerability to achieve code
execution on the device. Authentication is required, however can be
bypassed.
References
Link | Resource |
---|---|
https://blog.exodusintel.com/2024/01/25/motorola-mr2600-arbitrary-firmware-upload-vulnerability/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
01 Feb 2024, 19:56
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:motorola:mr2600_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:motorola:mr2600:-:*:*:*:*:*:*:* |
|
First Time |
Motorola
Motorola mr2600 Motorola mr2600 Firmware |
|
References | () https://blog.exodusintel.com/2024/01/25/motorola-mr2600-arbitrary-firmware-upload-vulnerability/ - Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 7.7
v3 : 8.8 |
26 Jan 2024, 13:51
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
26 Jan 2024, 00:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-26 00:15
Updated : 2024-02-01 19:56
NVD link : CVE-2024-23630
Mitre link : CVE-2024-23630
CVE.ORG link : CVE-2024-23630
JSON object : View
Products Affected
motorola
- mr2600_firmware
- mr2600
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type