Filtered by vendor Raisecom Subscriptions
Filtered by product Iscom Ht803g-1ge Firmware Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-7385 1 Raisecom 8 Iscom Ht803g-1ge, Iscom Ht803g-1ge Firmware, Iscom Ht803g-u and 5 more 2024-11-21 7.8 High
An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 or below, The values of the newpass and confpass parameters in /bin/WebMGR are used in a system call in the firmware. Because there is no user input validation, this leads to authenticated code execution on the device.
CVE-2019-7384 1 Raisecom 8 Iscom Ht803g-1ge, Iscom Ht803g-1ge Firmware, Iscom Ht803g-u and 5 more 2024-11-21 7.8 High
An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 or below. The value of the fmgpon_loid parameter is used in a system call inside the boa binary. Because there is no user input validation, this leads to authenticated code execution on the device.