Unrated severityNVD Advisory· Published Apr 29, 2020· Updated Aug 4, 2024

CVE-2020-12246

Description

Beeline Smart Box 2.0.38 routers allow "Advanced settings > Other > Diagnostics" OS command injection via the Ping ping_ipaddr parameter, the Nslookup nslookup_ipaddr parameter, or the Traceroute traceroute_ipaddr parameter.

Affected products

Beeline/Smart Box 2.0.38description
Beeline/Smart Boxllm-create
Range: = 2.0.38

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

medium.com/%40Pavel.Step/security-analysis-of-the-smart-box-router-932f86dc8a9emitrex_refsource_MISC
yadi.sk/i/YdfXr-ofAN2ZWAmitrex_refsource_MISC
yadi.sk/i/iIUCJVaGEuSaAwmitrex_refsource_MISC
yadi.sk/i/jXV87yn4ZJfSHAmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000