Overview
- Description
- Command Injection vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for Ver10.8 up to Ver10.8.27, for Ver10.9 up to Ver10.9.14 and UNIVERGE IX-R/IX-V Ver1.2.15 and earlier allows a attacker to inject an arbitrary CLI commands to be executed on the device via the management interface.
- Source
- psirt-info@cyber.jp.nec.com
- NVD status
- Received
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 7.2
- Impact score
- 5.9
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Weaknesses
- psirt-info@cyber.jp.nec.com
- CWE-77
Social media
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
JVN#53958863: UNIVERGE IX/IX-R/IX-Vシリーズルータにおける複数の脆弱性 https://t.co/lFTCUwtOmP ”影響を受けるシステム CVE-2024-11013 UNIVERGE IXシリーズ UNIVERGE IX-R/IX-Vシリーズ CVE-2024-11014 UNIVERGE IXシリーズ”
@catnap707
2 Dec 2024
192 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-11013 Critical Command Injection Vulnerability in NEC UNIVERGE IX Devices NEC Corporation UNIVERGE IX devices have a Command Injection vulnerability. This affects versions from Ver9.2 to Ver10.10.21, Ver... https://t.co/jVaNe5SvaI
@VulmonFeeds
30 Nov 2024
61 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
NECの法人向けルーターに脆弱性を報告しました。CVE-2024-11013についてはユーザーに悪意がなくてもコマンドインジェクションが成立するためご注意ください。 また、一部EOL製品については更新が行われておりませんので、回避策の実施か後継製品への置換を推奨いたします! https://t.co/ypaVmx4Txy
@ryotkak
29 Nov 2024
28124 Impressions
120 Retweets
248 Likes
53 Bookmarks
1 Reply
7 Quotes
CVE-2024-11013 Command Injection vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for Ver10.8 up to Ver10.8.27, for Ver10.9 up to Ver10.9.14 and UNIVERGE IX-… https://t.co/lnwWOuQHFU
@CVEnew
29 Nov 2024
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes