CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-31528
https://notcve.org/view.php?id=CVE-2023-31528
Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the staticroute_list parameter. • https://github.com/leetsun/IoT/tree/main/Motorola-CX2L/CI2 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-31529
https://notcve.org/view.php?id=CVE-2023-31529
Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the system_time_timezone parameter. • https://github.com/leetsun/IoT/tree/main/Motorola-CX2L/CI1 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-31530
https://notcve.org/view.php?id=CVE-2023-31530
Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the smartqos_priority_devices parameter. • https://github.com/leetsun/IoT/tree/main/Motorola-CX2L/CI4 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-31531
https://notcve.org/view.php?id=CVE-2023-31531
Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the tomography_ping_number parameter. • https://github.com/leetsun/IoT/tree/main/Motorola-CX2L/CI3 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2019-15513
https://notcve.org/view.php?id=CVE-2019-15513
An issue was discovered in OpenWrt libuci (aka Library for the Unified Configuration Interface) before 15.05.1 as used on Motorola CX2L MWR04L 1.01 and C1 MWR03 1.01 devices. /tmp/.uci/network locking is mishandled after reception of a long SetWanSettings command, leading to a device hang. Se detecto un problema un problema en OpenWrt libuci (también conocida como Biblioteca para la Interfaz de Configuración Unificada) en versiones anteriores a la 15.05.1 como se utiliza en los dispositivos Motorola CX2L MWR04L 1.01 y C1 MWR03 1.01. /tmp/.uci/network locking se maneja incorrectamente después de la recepción de un comando SetWanSettings largo, lo que lleva a un bloqueo del dispositivo. • https://git.openwrt.org/?p=project/uci.git%3Ba=commitdiff%3Bh=19e29ffc15dbd958e8e6a648ee0982c68353516f https://github.com/TeamSeri0us/pocs/blob/master/iot/morouter/motorola%E8%B7%AF%E7%94%B1%E5%99%A8%E6%96%87%E4%BB%B6%E8%A7%A3%E9%94%81%E6%BC%8F%E6%B4%9E.pdf https://lists.infradead.org/pipermail/openwrt-devel/2019-November/019736.html https://lists.openwrt.org/pipermail/openwrt-devel/2019-November/025453.html • CWE-667: Improper Locking •