File Upload Vulnerability in Raisecom Network Devices
CVE-2024-55515

Currently unrated

Key Information:

Vendor
Raisecom
Status
Msg2300 Firmware
Vendor
CVE Published:
17 December 2024

Summary

CVE-2024-55515 identifies a high-risk vulnerability in specific Raisecom networking devices, including the MSG1200, MSG2100E, MSG2200, and MSG2300 models running version 3.90. The vulnerability affects the web interface, particularly the /upload_ipslib.php component, which inadequately validates form submissions. By crafting a specially designed form name, attackers can exploit this flaw to upload arbitrary files, potentially compromising device integrity and network security.

References

https://gist.github.com/wscg928/cbe88078751abad2ada2334eb...

Timeline

  • Vulnerability published

.
CVE-2024-55515 : File Upload Vulnerability in Raisecom Network Devices | SecurityVulnerability.io