← Back

CVE-2022-40266

nvd nist
Published: Nov 24, 2022Modified: Nov 21, 2024

JSON object

Loading...
6.5
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 2.8 / Impact: 3.6
Source: NVD

Description

Improper Input Validation vulnerability in Mitsubishi Electric GOT2000 Series GT27 model FTP server versions 01.39.000 and prior, Mitsubishi Electric GOT2000 Series GT25 model FTP server versions 01.39.000 and prior and Mitsubishi Electric GOT2000 Series GT23 model FTP server versions 01.39.000 and prior allows a remote authenticated attacker to cause a Denial of Service condition by sending specially crafted command.

Affected (3)

Mitsubishielectric
3 products
Got2000 Gt27 Firmware
Got2000 Gt25 Firmware
Got2000 Gt23 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Got2000 Gt27 Firmware
Up to 01.39.000
Running on/withPlatform Versions
Mitsubishielectric
Got2000 Gt27
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Got2000 Gt25 Firmware
Up to 01.39.000
Running on/withPlatform Versions
Mitsubishielectric
Got2000 Gt25
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Got2000 Gt23 Firmware
Up to 01.39.000
Running on/withPlatform Versions
Mitsubishielectric
Got2000 Gt23
All versions

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

Source: Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
Third Party Advisory
Source: Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
MitigationVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
MitigationVendor Advisory

Timeline

No history available yet.