{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-07-15T00:00:00", "descriptions": [{"lang": "en", "value": "The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-08-27T19:06:10", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://downloads.avaya.com/css/P8/documents/100158840"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.busybox.net/news.html"}, {"name": "45363", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/45363"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.t-mobile.com/docs/DOC-21994"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.busybox.net/show_bug.cgi?id=3979"}, {"name": "RHSA-2012:0810", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0810.html"}, {"name": "48879", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/48879"}, {"name": "MDVSA-2012:129", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:129"}, {"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2019/Jun/18"}, {"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "https://seclists.org/bugtraq/2019/Jun/14"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"}, {"name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2020/Aug/20"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T23:08:23.908Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://downloads.avaya.com/css/P8/documents/100158840"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.busybox.net/news.html"}, {"name": "45363", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/45363"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.t-mobile.com/docs/DOC-21994"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.busybox.net/show_bug.cgi?id=3979"}, {"name": "RHSA-2012:0810", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2012-0810.html"}, {"name": "48879", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/48879"}, {"name": "MDVSA-2012:129", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:129"}, {"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2019/Jun/18"}, {"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "https://seclists.org/bugtraq/2019/Jun/14"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"}, {"name": "20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2020/Aug/20"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-2716", "datePublished": "2012-07-03T16:00:00", "dateReserved": "2011-07-11T00:00:00", "dateUpdated": "2024-08-06T23:08:23.908Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:t-mobile:tm-ac1900:3.0.0.4.376_3169:*:*:*:*:*:*:*", "matchCriteriaId": "919D9673-1FCA-431D-9F30-643AAEFAC1DA", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:busybox:busybox:*:*:*:*:*:*:*:*", "matchCriteriaId": "05AA0056-7538-407C-8BC0-29C4445789EC", "versionEndIncluding": "1.19.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:0.60.5:*:*:*:*:*:*:*", "matchCriteriaId": "41F70FE4-28AA-40D1-A2D2-D7047404E3BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.00:*:*:*:*:*:*:*", "matchCriteriaId": "539C33E8-53AA-4415-BDA2-C4EE889FDB64", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.0.0:pre1:*:*:*:*:*:*", "matchCriteriaId": "C4BE3A71-E803-43C8-B53F-8C20BB132F75", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.0.0:pre10:*:*:*:*:*:*", "matchCriteriaId": "1AA13666-9A74-4AF1-AE85-1BA77EA29198", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.0.0:pre2:*:*:*:*:*:*", "matchCriteriaId": "DBD51351-67B1-42F6-BE73-DA5AFB928974", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.0.0:pre3:*:*:*:*:*:*", "matchCriteriaId": "8EE87F7B-03C5-4755-83F7-8232463BCDA9", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.0.0:pre4:*:*:*:*:*:*", "matchCriteriaId": "76D62563-B4ED-43DA-B7BC-FC86849A4DD4", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.0.0:pre5:*:*:*:*:*:*", "matchCriteriaId": "0E4E84F2-C7A8-4EF3-A3EE-4FA9CB2FA292", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.0.0:pre6:*:*:*:*:*:*", "matchCriteriaId": "C03469B6-AE15-41AB-A67D-AE62DADFD22C", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.0.0:pre7:*:*:*:*:*:*", "matchCriteriaId": "B29EAA0E-A553-40A4-88A9-F81017783C50", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.0.0:pre8:*:*:*:*:*:*", "matchCriteriaId": "4B669C73-F2FA-4D16-8B5C-EC0E3634A7A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.0.0:pre9:*:*:*:*:*:*", "matchCriteriaId": "969C97CC-C889-46A4-B82E-01AEBA6AECA2", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.0.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "93E8B93E-5693-471D-B10B-B4C0E77007F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.0.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "A8858B1E-3839-4F28-9CC3-12263A0866D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.0.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "BE249211-C5D8-482B-8277-8969D66FA55F", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.01:*:*:*:*:*:*:*", "matchCriteriaId": "1E2D0557-0C6A-40B6-BF08-0D24CDCF0FD8", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "C1D67C2D-825B-4E66-A43F-9D07BB3CF9CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.1.0:pre1:*:*:*:*:*:*", "matchCriteriaId": "B670ED8A-0740-4F75-9448-F9A6DE9D18E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "5408DA3E-9CA1-4768-992C-1732A45C4365", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "D0A9C5E7-5260-4EBD-8A62-B11EE81906F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "55E1C67B-87DD-4883-A4DC-539783B4223E", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "09A4634A-6B09-477B-AC5C-109D1708935D", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "C035059E-0B42-4C1F-9C6D-866D69DE4702", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "BCA06DD4-6993-4F5F-8D01-94CEFB684D28", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "C3F4032E-04CF-4EA9-AF05-B6EBE5FFEDDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "F95E79C7-1C7D-4A7B-8465-C4D3557C0097", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "DBA76F53-2D6B-432F-99AD-3D126F463535", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "80FD3330-1F10-4697-ABEA-806E3068678B", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F696DE8-423B-4F93-A2FE-8CCC9EB7E48A", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "49A6A3CC-A56B-4861-9668-8AE05247042C", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "E508DF8D-33E4-485A-9348-B4592A9C0207", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "9796F6C1-52BB-448A-A807-0A6036B3ECC4", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "71494758-A192-4A83-85D6-6A368CD58BF1", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "DB367825-26AE-4B75-A329-EC9DD0EC8004", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "4336604A-11D1-4450-B38F-378263A299B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "1DAE682D-2F8E-40B2-8894-9FCAA8CD0101", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "04D61499-332E-4AE7-A005-32A0DDE81DF3", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "3923C03C-DD87-4FF8-BC97-A72CC65155FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "3E9A8BC6-CA69-46B0-9426-34ADB2695BEA", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "B6704C4C-88E6-466D-9CAE-6FE8545F0977", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F20F2DBA-E5F1-4DE7-95A3-8A044A94E9EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "DC859628-5C13-4513-93C2-538F0A6A2586", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "4AB0BF42-4C41-44DF-926A-9144C2F385E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "C17EDB63-B733-4761-B535-7F72E8F787A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "F69A0F8C-B003-485F-813A-D4E1A4E88584", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "8509CF5F-D1D1-4EB5-A061-00EEEEED68BE", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2A7A44C-C438-407C-97FF-435BE95795FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "28738A5C-C205-4FC5-8633-5A7B898A1832", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "B8B44A0E-800C-4342-BA75-A48F3A56C3CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "2F341E09-BF96-43E6-96CC-7AFD8736938C", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "6AEB371C-36DF-4421-882B-C769ED8404EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "23D58896-B93B-4D5C-B42A-802B86A8D986", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "96B38C04-7990-4B5A-86DB-9DE35BD73BED", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.11.3:*:*:*:*:*:*:*", "matchCriteriaId": "CD8D48C9-CC0F-4ACE-9C59-67E962C2DB6D", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A1607A0-9B02-4433-B246-CE0FC73C2F64", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "ED230815-6F03-49D2-8422-5E4764C92776", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.12.2:*:*:*:*:*:*:*", "matchCriteriaId": "89769E1E-FC6F-464F-9D2D-4A92E8150023", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.12.3:*:*:*:*:*:*:*", "matchCriteriaId": "A818C102-5BBA-49ED-A2FF-CB60D50B867F", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.12.4:*:*:*:*:*:*:*", "matchCriteriaId": "4965028A-4818-4F49-A69F-E4936B802933", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.13.0:*:*:*:*:*:*:*", "matchCriteriaId": "789A3850-A613-41D5-A4B1-5B21F0DAD865", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.13.1:*:*:*:*:*:*:*", "matchCriteriaId": "D1D06891-0077-43A7-84FE-26BEB4615820", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "AAEBB6E8-4B1C-4F90-A429-4A08B5958706", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.13.3:*:*:*:*:*:*:*", "matchCriteriaId": "C7DCE0B0-FC75-4C79-9B69-7E45F6DF1B2A", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.13.4:*:*:*:*:*:*:*", "matchCriteriaId": "46F680B7-A7C9-491C-B084-809FA91A4306", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.14.0:*:*:*:*:*:*:*", "matchCriteriaId": "B4B04CD2-EE97-4480-A3BD-A9405CC72408", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.14.1:*:*:*:*:*:*:*", "matchCriteriaId": "3301EA75-92C1-4A07-8D4F-C03327F0DCA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.14.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A528C12-8E6C-47E3-B1B3-8DDA5C934C28", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.14.3:*:*:*:*:*:*:*", "matchCriteriaId": "A56FDCCB-87A7-4354-83EA-3BEAFF0FF019", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.14.4:*:*:*:*:*:*:*", "matchCriteriaId": "CC00E801-D3E0-4D9E-B004-F2192D1D552A", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.15.0:*:*:*:*:*:*:*", "matchCriteriaId": "66D0CE4D-E98B-4080-8372-7F1632A1E8F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.15.1:*:*:*:*:*:*:*", "matchCriteriaId": "EAD322BE-7397-4154-B2BD-7E94275C1CEE", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.15.2:*:*:*:*:*:*:*", "matchCriteriaId": "7288E37E-9B8C-403E-A534-6191A0C6B4D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.15.3:*:*:*:*:*:*:*", "matchCriteriaId": "2DB0017A-2FDB-424D-B693-3609141321A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.16.0:*:*:*:*:*:*:*", "matchCriteriaId": "F6DA7560-D138-4D9C-9D1B-1DF0F79181AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.16.1:*:*:*:*:*:*:*", "matchCriteriaId": "904B27F8-A167-4986-9AD3-665AF0D9B364", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.16.2:*:*:*:*:*:*:*", "matchCriteriaId": "E92B4186-3A3B-46E6-ADCA-B5EDCB122A88", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.17.0:*:*:*:*:*:*:*", "matchCriteriaId": "852E6303-7BC5-4559-A653-727E5F8D21F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.17.1:*:*:*:*:*:*:*", "matchCriteriaId": "75C8ED43-A5E6-4413-9723-C69D9F46EF73", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.17.2:*:*:*:*:*:*:*", "matchCriteriaId": "82866980-4335-4A5A-B4ED-750C848861C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.17.3:*:*:*:*:*:*:*", "matchCriteriaId": "5566B9F7-9C87-46F2-948C-7D2599035F82", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.17.4:*:*:*:*:*:*:*", "matchCriteriaId": "BC2AEC0B-A24B-4B4F-ABDD-60FC57257634", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.18.0:*:*:*:*:*:*:*", "matchCriteriaId": "E850B3B9-8D40-4C6C-9872-16C5235655B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.18.1:*:*:*:*:*:*:*", "matchCriteriaId": "07CECA25-E276-46F6-A811-6B428B4DB4A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.18.2:*:*:*:*:*:*:*", "matchCriteriaId": "55DDF725-B099-4187-ADB5-10CA4E6105ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.18.3:*:*:*:*:*:*:*", "matchCriteriaId": "834E01F2-96CD-4F2D-9854-A68B31E1E3DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.18.4:*:*:*:*:*:*:*", "matchCriteriaId": "F6576665-E960-4338-ACF0-747F71443887", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.18.5:*:*:*:*:*:*:*", "matchCriteriaId": "9BFC1DCB-BC86-4C65-88B6-DC6F29C1BF12", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.19.0:*:*:*:*:*:*:*", "matchCriteriaId": "01DA4F8E-77CE-4552-A200-F7AE11CB99A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.19.2:*:*:*:*:*:*:*", "matchCriteriaId": "ABC7D599-2AA2-465D-8943-D43FB274562C", "vulnerable": true}, {"criteria": "cpe:2.3:a:busybox:busybox:1.19.3:*:*:*:*:*:*:*", "matchCriteriaId": "DA46F251-9F17-498F-B093-70ADF7F989F9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options."}, {"lang": "es", "value": "El cliente DHCP (udhcpc) en BusyBox anterior a v1.20.0 permite a servidores DHCP remotos ejecutar comandos arbitrarios mediante una shell de metacaracteres en el (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, y (4) las opciones de nombre de host TFTP_SERVER_NAME"}], "id": "CVE-2011-2716", "lastModified": "2020-08-27T20:15:09.893", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.8, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.2, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-07-03T16:40:30.507", "references": [{"source": "secalert@redhat.com", "url": "http://downloads.avaya.com/css/P8/documents/100158840"}, {"source": "secalert@redhat.com", "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2012-0810.html"}, {"source": "secalert@redhat.com", "url": "http://seclists.org/fulldisclosure/2019/Jun/18"}, {"source": "secalert@redhat.com", "url": "http://seclists.org/fulldisclosure/2020/Aug/20"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/45363"}, {"source": "secalert@redhat.com", "url": "http://www.busybox.net/news.html"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:129"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/48879"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "https://bugs.busybox.net/show_bug.cgi?id=3979"}, {"source": "secalert@redhat.com", "url": "https://seclists.org/bugtraq/2019/Jun/14"}, {"source": "secalert@redhat.com", "url": "https://support.t-mobile.com/docs/DOC-21994"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2012:0308", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "busybox-1:1.2.0-13.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2012-02-21T00:00:00Z"}, {"advisory": "RHSA-2012:0810", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "busybox-1:1.15.1-15.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2012-06-19T00:00:00Z"}], "bugzilla": {"description": "busybox: udhcpc insufficient checking of DHCP options", "id": "725364", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=725364"}, "csaw": false, "cvss": {"cvss_base_score": "6.8", "cvss_scoring_vector": "AV:A/AC:H/Au:N/C:C/I:C/A:C", "status": "verified"}, "details": ["The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options."], "name": "CVE-2011-2716", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Not affected", "package_name": "busybox", "product_name": "Red Hat Enterprise Linux 4"}], "public_date": "2011-03-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2011-2716\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-2716"], "threat_severity": "Low"}