Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Service Control DoS

vendor:

IPn4G, IPn3Gb, IPn4Gb, Bullet-3G, VIP4Gb, VIP4G, VIP4G-WiFi-N, IPn3Gii, Bullet-LTE, BulletPlus, and Dragon-LTE

by:

Microhard Systems Inc.

5.9

CVSS

MEDIUM

DoS

CWE

Product Name: IPn4G, IPn3Gb, IPn4Gb, Bullet-3G, VIP4Gb, VIP4G, VIP4G-WiFi-N, IPn3Gii, Bullet-LTE, BulletPlus, and Dragon-LTE

Affected Version From: IPn4G 1.1.0 build 1098

Affected Version To: Dragon-LTE 1.1.0 build 1036

Patch Exists: YES

Related CWE: CVE-2020-14093

CPE: h:microhard_systems:ipn4g

Other Scripts: N/A

Platforms Tested: None

2020

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Service Control DoS

A vulnerability in Microhard Systems Inc.’s IPn4G, IPn3Gb, IPn4Gb, Bullet-3G, VIP4Gb, VIP4G, VIP4G-WiFi-N, IPn3Gii, Bullet-LTE, BulletPlus, and Dragon-LTE products could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system. The vulnerability is due to improper input validation of certain parameters in the web interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface of the affected device. A successful exploit could allow the attacker to cause a DoS condition on the targeted system.

Mitigation:

Microhard Systems Inc. has released firmware updates to address this vulnerability. Users are advised to update to the latest version of the firmware.

Source

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Service Control DoS

Mitigation:

Exploit-DB raw data: