CVE-2011-2716
busybox: udhcpc insufficient checking of DHCP options
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options.
El cliente DHCP (udhcpc) en BusyBox anterior a v1.20.0 permite a servidores DHCP remotos ejecutar comandos arbitrarios mediante una shell de metacaracteres en el (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, y (4) las opciones de nombre de host TFTP_SERVER_NAME
The industrial managed switch series 852 from WAGO is affected by multiple vulnerabilities such as old software components embedded in the firmware. Furthermore, hardcoded password hashes and credentials were also found by doing an automated scan with IoT Inspector.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2011-07-11 CVE Reserved
- 2012-02-21 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (14)
URL | Tag | Source |
---|---|---|
http://downloads.avaya.com/css/P8/documents/100158840 | X_refsource_confirm | |
http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html | X_refsource_misc | |
http://seclists.org/fulldisclosure/2019/Jun/18 | Mailing List | |
http://seclists.org/fulldisclosure/2020/Aug/20 | Mailing List | |
http://www.busybox.net/news.html | X_refsource_confirm | |
http://www.securityfocus.com/bid/48879 | Vdb Entry | |
https://seclists.org/bugtraq/2019/Jun/14 | Mailing List | |
https://support.t-mobile.com/docs/DOC-21994 | X_refsource_confirm |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://bugs.busybox.net/show_bug.cgi?id=3979 | 2020-08-27 |
URL | Date | SRC |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2012-0810.html | 2020-08-27 | |
http://secunia.com/advisories/45363 | 2020-08-27 | |
http://www.mandriva.com/security/advisories?name=MDVSA-2012:129 | 2020-08-27 | |
https://access.redhat.com/security/cve/CVE-2011-2716 | 2012-06-19 | |
https://bugzilla.redhat.com/show_bug.cgi?id=725364 | 2012-06-19 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
T-mobile Search vendor "T-mobile" | Tm-ac1900 Search vendor "T-mobile" for product "Tm-ac1900" | 3.0.0.4.376_3169 Search vendor "T-mobile" for product "Tm-ac1900" and version "3.0.0.4.376_3169" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | <= 1.19.4 Search vendor "Busybox" for product "Busybox" and version " <= 1.19.4" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 0.60.5 Search vendor "Busybox" for product "Busybox" and version "0.60.5" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.00 Search vendor "Busybox" for product "Busybox" and version "1.00" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.0.0 Search vendor "Busybox" for product "Busybox" and version "1.0.0" | pre1 |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.0.0 Search vendor "Busybox" for product "Busybox" and version "1.0.0" | pre10 |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.0.0 Search vendor "Busybox" for product "Busybox" and version "1.0.0" | pre2 |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.0.0 Search vendor "Busybox" for product "Busybox" and version "1.0.0" | pre3 |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.0.0 Search vendor "Busybox" for product "Busybox" and version "1.0.0" | pre4 |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.0.0 Search vendor "Busybox" for product "Busybox" and version "1.0.0" | pre5 |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.0.0 Search vendor "Busybox" for product "Busybox" and version "1.0.0" | pre6 |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.0.0 Search vendor "Busybox" for product "Busybox" and version "1.0.0" | pre7 |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.0.0 Search vendor "Busybox" for product "Busybox" and version "1.0.0" | pre8 |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.0.0 Search vendor "Busybox" for product "Busybox" and version "1.0.0" | pre9 |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.0.0 Search vendor "Busybox" for product "Busybox" and version "1.0.0" | rc1 |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.0.0 Search vendor "Busybox" for product "Busybox" and version "1.0.0" | rc2 |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.0.0 Search vendor "Busybox" for product "Busybox" and version "1.0.0" | rc3 |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.01 Search vendor "Busybox" for product "Busybox" and version "1.01" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.1.0 Search vendor "Busybox" for product "Busybox" and version "1.1.0" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.1.0 Search vendor "Busybox" for product "Busybox" and version "1.1.0" | pre1 |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.1.1 Search vendor "Busybox" for product "Busybox" and version "1.1.1" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.1.2 Search vendor "Busybox" for product "Busybox" and version "1.1.2" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.1.3 Search vendor "Busybox" for product "Busybox" and version "1.1.3" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.2.0 Search vendor "Busybox" for product "Busybox" and version "1.2.0" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.2.1 Search vendor "Busybox" for product "Busybox" and version "1.2.1" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.2.2 Search vendor "Busybox" for product "Busybox" and version "1.2.2" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.2.2.1 Search vendor "Busybox" for product "Busybox" and version "1.2.2.1" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.3.0 Search vendor "Busybox" for product "Busybox" and version "1.3.0" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.3.1 Search vendor "Busybox" for product "Busybox" and version "1.3.1" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.3.2 Search vendor "Busybox" for product "Busybox" and version "1.3.2" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.4.0 Search vendor "Busybox" for product "Busybox" and version "1.4.0" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.4.1 Search vendor "Busybox" for product "Busybox" and version "1.4.1" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.4.2 Search vendor "Busybox" for product "Busybox" and version "1.4.2" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.5.0 Search vendor "Busybox" for product "Busybox" and version "1.5.0" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.5.1 Search vendor "Busybox" for product "Busybox" and version "1.5.1" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.6.0 Search vendor "Busybox" for product "Busybox" and version "1.6.0" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.6.1 Search vendor "Busybox" for product "Busybox" and version "1.6.1" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.7.0 Search vendor "Busybox" for product "Busybox" and version "1.7.0" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.7.1 Search vendor "Busybox" for product "Busybox" and version "1.7.1" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.7.2 Search vendor "Busybox" for product "Busybox" and version "1.7.2" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.7.3 Search vendor "Busybox" for product "Busybox" and version "1.7.3" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.8.0 Search vendor "Busybox" for product "Busybox" and version "1.8.0" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.8.1 Search vendor "Busybox" for product "Busybox" and version "1.8.1" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.8.2 Search vendor "Busybox" for product "Busybox" and version "1.8.2" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.9.0 Search vendor "Busybox" for product "Busybox" and version "1.9.0" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.9.1 Search vendor "Busybox" for product "Busybox" and version "1.9.1" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.9.2 Search vendor "Busybox" for product "Busybox" and version "1.9.2" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.10.0 Search vendor "Busybox" for product "Busybox" and version "1.10.0" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.10.1 Search vendor "Busybox" for product "Busybox" and version "1.10.1" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.10.2 Search vendor "Busybox" for product "Busybox" and version "1.10.2" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.10.3 Search vendor "Busybox" for product "Busybox" and version "1.10.3" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.10.4 Search vendor "Busybox" for product "Busybox" and version "1.10.4" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.11.0 Search vendor "Busybox" for product "Busybox" and version "1.11.0" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.11.1 Search vendor "Busybox" for product "Busybox" and version "1.11.1" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.11.2 Search vendor "Busybox" for product "Busybox" and version "1.11.2" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.11.3 Search vendor "Busybox" for product "Busybox" and version "1.11.3" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.12.0 Search vendor "Busybox" for product "Busybox" and version "1.12.0" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.12.1 Search vendor "Busybox" for product "Busybox" and version "1.12.1" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.12.2 Search vendor "Busybox" for product "Busybox" and version "1.12.2" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.12.3 Search vendor "Busybox" for product "Busybox" and version "1.12.3" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.12.4 Search vendor "Busybox" for product "Busybox" and version "1.12.4" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.13.0 Search vendor "Busybox" for product "Busybox" and version "1.13.0" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.13.1 Search vendor "Busybox" for product "Busybox" and version "1.13.1" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.13.2 Search vendor "Busybox" for product "Busybox" and version "1.13.2" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.13.3 Search vendor "Busybox" for product "Busybox" and version "1.13.3" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.13.4 Search vendor "Busybox" for product "Busybox" and version "1.13.4" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.14.0 Search vendor "Busybox" for product "Busybox" and version "1.14.0" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.14.1 Search vendor "Busybox" for product "Busybox" and version "1.14.1" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.14.2 Search vendor "Busybox" for product "Busybox" and version "1.14.2" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.14.3 Search vendor "Busybox" for product "Busybox" and version "1.14.3" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.14.4 Search vendor "Busybox" for product "Busybox" and version "1.14.4" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.15.0 Search vendor "Busybox" for product "Busybox" and version "1.15.0" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.15.1 Search vendor "Busybox" for product "Busybox" and version "1.15.1" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.15.2 Search vendor "Busybox" for product "Busybox" and version "1.15.2" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.15.3 Search vendor "Busybox" for product "Busybox" and version "1.15.3" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.16.0 Search vendor "Busybox" for product "Busybox" and version "1.16.0" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.16.1 Search vendor "Busybox" for product "Busybox" and version "1.16.1" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.16.2 Search vendor "Busybox" for product "Busybox" and version "1.16.2" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.17.0 Search vendor "Busybox" for product "Busybox" and version "1.17.0" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.17.1 Search vendor "Busybox" for product "Busybox" and version "1.17.1" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.17.2 Search vendor "Busybox" for product "Busybox" and version "1.17.2" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.17.3 Search vendor "Busybox" for product "Busybox" and version "1.17.3" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.17.4 Search vendor "Busybox" for product "Busybox" and version "1.17.4" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.18.0 Search vendor "Busybox" for product "Busybox" and version "1.18.0" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.18.1 Search vendor "Busybox" for product "Busybox" and version "1.18.1" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.18.2 Search vendor "Busybox" for product "Busybox" and version "1.18.2" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.18.3 Search vendor "Busybox" for product "Busybox" and version "1.18.3" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.18.4 Search vendor "Busybox" for product "Busybox" and version "1.18.4" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.18.5 Search vendor "Busybox" for product "Busybox" and version "1.18.5" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.19.0 Search vendor "Busybox" for product "Busybox" and version "1.19.0" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.19.2 Search vendor "Busybox" for product "Busybox" and version "1.19.2" | - |
Affected
| ||||||
Busybox Search vendor "Busybox" | Busybox Search vendor "Busybox" for product "Busybox" | 1.19.3 Search vendor "Busybox" for product "Busybox" and version "1.19.3" | - |
Affected
|