CVE-2022-40266

Denial-of-Service (DoS) Vulnerability in FTP Server Function on GOT2000 Series

CVSS 5.3 MEDIUMEPSS 0.8%CWE-20

Improper Input Validation vulnerability in Mitsubishi Electric GOT2000 Series GT27 model FTP server versions 01.39.000 and prior, Mitsubishi Electric GOT2000 Series GT25 model FTP server versions 01.39.000 and prior and Mitsubishi Electric GOT2000 Series GT23 model FTP server versions 01.39.000 and prior allows a remote authenticated attacker to cause a Denial of Service condition by sending specially crafted command.

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Produtos afetados

Mitsubishi Electric · GOT2000 Series GT23 model Mitsubishi Electric · GOT2000 Series GT25 model Mitsubishi Electric · GOT2000 Series GT27 model

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://jvn.jp/vu/JVNVU95633416 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-016_en.pdf