CVE-2015-2279 - Vulnerability Details - OpenCVE

cgi_test.cgi in AirLive BU-2015 with firmware 1.03.18, BU-3026 with firmware 1.43, and MD-3025 with firmware 1.81 allows remote attackers to execute arbitrary OS commands via shell metacharacters after an "&" (ampersand) in the write_mac write_pid, write_msn, write_tan, or write_hdv parameter.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Airlive	Bu-2015 Bu-2015 Firmware Bu-3026 Bu-3026 Firmware Md-3025 Md-3025 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:airlive:bu-2015_firmware:1.03.18:*:*:*:*:*:*:*

cpe:2.3:h:airlive:bu-2015:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:airlive:bu-3026_firmware:1.43:*:*:*:*:*:*:*

cpe:2.3:h:airlive:bu-3026:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:airlive:md-3025_firmware:1.81:*:*:*:*:*:*:*

cpe:2.3:h:airlive:md-3025:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://packetstormsecurity.com/files/132585/AirLive-Remote-Command-Injection.html
http://seclists.org/fulldisclosure/2015/Jul/29
http://www.securityfocus.com/archive/1/535938/100/0/threaded
http://www.securityfocus.com/bid/75559
https://www.coresecurity.com/advisories/airlive-multiple-products-os-command-injection
https://www.exploit-db.com/exploits/37532/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2017-07-24T15:00:00

Updated: 2024-08-06T05:10:16.147Z

Reserved: 2015-03-10T00:00:00

Link: CVE-2015-2279

Vulnrichment

No data.

NVD

Status : Modified

Published: 2017-07-25T01:29:00.420

Modified: 2024-11-21T02:27:08.263

Link: CVE-2015-2279

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-07-06T00:00:00", "descriptions": [{"lang": "en", "value": "cgi_test.cgi in AirLive BU-2015 with firmware 1.03.18, BU-3026 with firmware 1.43, and MD-3025 with firmware 1.81 allows remote attackers to execute arbitrary OS commands via shell metacharacters after an \"&\" (ampersand) in the write_mac write_pid, write_msn, write_tan, or write_hdv parameter."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-09T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20150706 [CORE-2015-0012] - AirLive Multiple Products OS Command Injection", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/535938/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/132585/AirLive-Remote-Command-Injection.html"}, {"name": "20150706 [CORE-2015-0012] - AirLive Multiple Products OS Command Injection", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2015/Jul/29"}, {"name": "37532", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/37532/"}, {"name": "75559", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/75559"}, {"tags": ["x_refsource_MISC"], "url": "https://www.coresecurity.com/advisories/airlive-multiple-products-os-command-injection"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-2279", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "cgi_test.cgi in AirLive BU-2015 with firmware 1.03.18, BU-3026 with firmware 1.43, and MD-3025 with firmware 1.81 allows remote attackers to execute arbitrary OS commands via shell metacharacters after an \"&\" (ampersand) in the write_mac write_pid, write_msn, write_tan, or write_hdv parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20150706 [CORE-2015-0012] - AirLive Multiple Products OS Command Injection", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/535938/100/0/threaded"}, {"name": "http://packetstormsecurity.com/files/132585/AirLive-Remote-Command-Injection.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/132585/AirLive-Remote-Command-Injection.html"}, {"name": "20150706 [CORE-2015-0012] - AirLive Multiple Products OS Command Injection", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2015/Jul/29"}, {"name": "37532", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/37532/"}, {"name": "75559", "refsource": "BID", "url": "http://www.securityfocus.com/bid/75559"}, {"name": "https://www.coresecurity.com/advisories/airlive-multiple-products-os-command-injection", "refsource": "MISC", "url": "https://www.coresecurity.com/advisories/airlive-multiple-products-os-command-injection"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T05:10:16.147Z"}, "title": "CVE Program Container", "references": [{"name": "20150706 [CORE-2015-0012] - AirLive Multiple Products OS Command Injection", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/535938/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/132585/AirLive-Remote-Command-Injection.html"}, {"name": "20150706 [CORE-2015-0012] - AirLive Multiple Products OS Command Injection", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2015/Jul/29"}, {"name": "37532", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/37532/"}, {"name": "75559", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/75559"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.coresecurity.com/advisories/airlive-multiple-products-os-command-injection"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-2279", "datePublished": "2017-07-24T15:00:00", "dateReserved": "2015-03-10T00:00:00", "dateUpdated": "2024-08-06T05:10:16.147Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:airlive:bu-2015_firmware:1.03.18:*:*:*:*:*:*:*", "matchCriteriaId": "0A34E99A-C9F7-4974-B6D8-83286FB4B92B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:airlive:bu-2015:-:*:*:*:*:*:*:*", "matchCriteriaId": "587B824F-BC55-486B-9357-53C0EBF2E5AE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:airlive:bu-3026_firmware:1.43:*:*:*:*:*:*:*", "matchCriteriaId": "9685AB5E-BC30-487A-929C-9A6324C02ADE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:airlive:bu-3026:-:*:*:*:*:*:*:*", "matchCriteriaId": "3C4C7544-3A3E-43E4-B635-38BE98B9D268", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:airlive:md-3025_firmware:1.81:*:*:*:*:*:*:*", "matchCriteriaId": "36F73444-2C73-4AC4-A659-F30ED97BD11D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:airlive:md-3025:-:*:*:*:*:*:*:*", "matchCriteriaId": "2304F05E-CA5F-40CC-ADE2-2268F29A0617", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "cgi_test.cgi in AirLive BU-2015 with firmware 1.03.18, BU-3026 with firmware 1.43, and MD-3025 with firmware 1.81 allows remote attackers to execute arbitrary OS commands via shell metacharacters after an \"&\" (ampersand) in the write_mac write_pid, write_msn, write_tan, or write_hdv parameter."}, {"lang": "es", "value": "El archivo cgi_test.cgi en BU-2015 con firmware versi\u00f3n 1.03.18, BU-3026 con firmware versi\u00f3n 1.43 y MD-3025 con firmware versi\u00f3n 1.81 de AirLive, permite a los atacantes remotos ejecutar comandos de sistema operativo arbitrarios por medio de metacaracteres shell despu\u00e9s de un \"&\" (y por s\u00ed mismo, y) en el par\u00e1metro write_mac write_pid, write_msn, write_tan o write_hdv."}], "id": "CVE-2015-2279", "lastModified": "2024-11-21T02:27:08.263", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-07-25T01:29:00.420", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/132585/AirLive-Remote-Command-Injection.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory", "VDB Entry"], "url": "http://seclists.org/fulldisclosure/2015/Jul/29"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/535938/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/75559"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "url": "https://www.coresecurity.com/advisories/airlive-multiple-products-os-command-injection"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/37532/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/132585/AirLive-Remote-Command-Injection.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mailing List", "Third Party Advisory", "VDB Entry"], "url": "http://seclists.org/fulldisclosure/2015/Jul/29"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/535938/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/75559"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "url": "https://www.coresecurity.com/advisories/airlive-multiple-products-os-command-injection"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/37532/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}