[SYSS-2023-019] SmartNode SN200 - Unauthenticated OS Command Injection

Read Time:24 Second

Posted by Maurizio Ruchay via Fulldisclosure on Nov 27

Advisory ID: SYSS-2023-019
Product: SmartNode SN200 Analog Telephone Adapter (ATA) & VoIP Gateway
Manufacturer: Patton LLC
Affected Version(s): <= 3.21.2-23021
Tested Version(s): 2.21.1-22041, 3.21.2-23021, 3.22.0-23083
Vulnerability Type: OS Command Injection (CWE-78)
Vulnerability Type: Improper Access Control (CWE-284)
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2023-07-05
Public Disclosure: 2023-08-28
CVE…

libcoap-4.3.5-6.fc41

FEDORA-2024-9c7bbee0f0 Packages in this update: libcoap-4.3.5-6.fc41 Update description: Update to 4.3.5 GA Read More

September 7, 2024

chromium-128.0.6613.119-1.fc39

FEDORA-2024-1bd7266df0 Packages in this update: chromium-128.0.6613.119-1.fc39 Update description: update to 128.0.6613.119 High CVE-2024-8362: Use after free in WebAudio High CVE-2024-7970:...

September 7, 2024

chromium-128.0.6613.119-1.el8

FEDORA-EPEL-2024-c15e47ae56 Packages in this update: chromium-128.0.6613.119-1.el8 Update description: update to 128.0.6613.119 High CVE-2024-8362: Use after free in WebAudio High CVE-2024-7970:...

September 7, 2024

chromium-128.0.6613.119-1.el9

FEDORA-EPEL-2024-7f86a25567 Packages in this update: chromium-128.0.6613.119-1.el9 Update description: update to 128.0.6613.119 High CVE-2024-8362: Use after free in WebAudio High CVE-2024-7970:...

September 7, 2024

chromium-128.0.6613.119-1.fc41

FEDORA-2024-e109b67926 Packages in this update: chromium-128.0.6613.119-1.fc41 Update description: update to 128.0.6613.119 High CVE-2024-8362: Use after free in WebAudio High CVE-2024-7970:...

September 7, 2024

chromium-128.0.6613.119-1.fc40

FEDORA-2024-ee42af5a22 Packages in this update: chromium-128.0.6613.119-1.fc40 Update description: update to 128.0.6613.119 High CVE-2024-8362: Use after free in WebAudio High CVE-2024-7970:...

September 7, 2024

Live Video of Promachoteuthis Squid

YubiKey Side-Channel Attack

Spyware Vendors’ Nebulous Ecosystem Helps Them Evade Sanctions

US and Allies Accuse Russian Military of Destructive Cyber-Attacks

PyPI Revival Hijack Puts Thousands of Applications at Risk

Security Budgets Come Under Pressure as “Hypergrowth” Ends

Cicada ransomware – what you need to know

UK Signs Council of Europe AI Convention

Cisco Warns of Critical Vulnerabilities in Smart Licensing Utility

[SYSS-2023-019] SmartNode SN200 – Unauthenticated OS Command Injection

libcoap-4.3.5-6.fc41

chromium-128.0.6613.119-1.fc39

chromium-128.0.6613.119-1.el8

chromium-128.0.6613.119-1.el9

chromium-128.0.6613.119-1.fc41

chromium-128.0.6613.119-1.fc40