CVE-2024-21786
published 2024-11-21CVE-2024-21786: An OS command injection vulnerability exists in the web interface configuration upload functionality of MC Technologies MC LR Router 2.10.5. A specially…
PriorityP356high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
EPSS
10.51%
95.2th percentile
An OS command injection vulnerability exists in the web interface configuration upload functionality of MC Technologies MC LR Router 2.10.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mc-technologies | mc_lr_router_firmware | — | — |
| mc_technologies | mc_lr_router | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Talos
MC LR Router and GoCast unpatched vulnerabilities
blogs_talos·2024-12-09·CVSS 7.2
[HIGH] MC LR Router and GoCast unpatched vulnerabilities
## MC LR Router and GoCast unpatched vulnerabilities
Cisco Talos' Vulnerability Research team recently discovered two vulnerabilities in MC Technologies LR Router and three vulnerabilities in the GoCast service.
These vulnerabilities have not been patched at time of this posting.
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org , and our latest Vulnerability Advisories are always posted on Talos Intelligence’s website .
## MC Technologies OS command injection vulnerabilities
Discovered by Matt Wiseman of Cisco Talos.
The MC-LR Router from MC Technologies supports IPsec and OpenVPN implementations, firewall capabilities, remote management via HTTP and SNMP, and configurable alerting via SMS and email, with two-p
Talos
MC LR Router and GoCast unpatched vulnerabilities
blogs_talos·2024-12-09·CVSS 7.2
[HIGH] MC LR Router and GoCast unpatched vulnerabilities
Cisco Talos' Vulnerability Research team recently discovered two vulnerabilities in MC Technologies LR Router and three vulnerabilities in the GoCast service.
These vulnerabilities have not been patched at time of this posting.
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always posted on Talos Intelligence’s website.
## MC Technologies OS command injection vulnerabilities
Discovered by Matt Wiseman of Cisco Talos.
The MC-LR Router from MC Technologies supports IPsec and OpenVPN implementations, firewall capabilities, remote management via HTTP and SNMP, and configurable alerting via SMS and email, with two-port and four-port variants, includes models that support
2024-11-21
Published