CVE-2024-31408

Description

OS command injection vulnerability exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network-adjacent authenticated attacker may execute an arbitrary OS command with root privileges by sending a specially crafted request.

CVSS breakdown

CVSS 3.0

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

AIPHONE CO., LTD. / IX-BAfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-BAUfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-BBfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-BBTfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-BUfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
AIPHONE CO., LTD. / IX-DAfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-DAUfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-DBfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-DBTfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-DUfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
AIPHONE CO., LTD. / IX-DVfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
AIPHONE CO., LTD. / IX-DVFfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
AIPHONE CO., LTD. / IX-DVF-2RAfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
AIPHONE CO., LTD. / IX-DVF-Lfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
AIPHONE CO., LTD. / IX-DVF-Pfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
AIPHONE CO., LTD. / IX-DVF-RAfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
AIPHONE CO., LTD. / IX-DVMfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-DVTfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
AIPHONE CO., LTD. / IX-EAfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-EATfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-EAUfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-FAfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IXG-2C7firmware Ver.3.01 and earlier – firmware Ver.3.01 and earlier
AIPHONE CO., LTD. / IXG-2C7-Lfirmware Ver.3.01 and earlier – firmware Ver.3.01 and earlier
AIPHONE CO., LTD. / IXG-DM7firmware Ver.3.00 and earlier – firmware Ver.3.00 and earlier
AIPHONE CO., LTD. / IXG-DM7-10Kfirmware Ver.3.00 and earlier – firmware Ver.3.00 and earlier
AIPHONE CO., LTD. / IXG-DM7-HIDfirmware Ver.3.00 and earlier – firmware Ver.3.00 and earlier
AIPHONE CO., LTD. / IXG-DM7-HIDAfirmware Ver.3.00 and earlier – firmware Ver.3.00 and earlier
AIPHONE CO., LTD. / IXG-MKfirmware Ver.3.00 and earlier – firmware Ver.3.00 and earlier
AIPHONE CO., LTD. / IXGW-GWfirmware Ver.3.01 and earlier – firmware Ver.3.01 and earlier
AIPHONE CO., LTD. / IXGW-LCfirmware Ver.3.00 and earlier – firmware Ver.3.00 and earlier
AIPHONE CO., LTD. / IXGW-TGWfirmware Ver.3.01 and earlier – firmware Ver.3.01 and earlier
AIPHONE CO., LTD. / IX-MVfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-MV7-Bfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-MV7-BTfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-MV7-HBfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-MV7-HBTfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-MV7-HWfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-MV7-HW-JPfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-MV7-HWTfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-MV7-Wfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-MV7-WTfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-RS-Bfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-RS-BTfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-RS-Wfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-RS-WTfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-SPMICfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-SS-2Gfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-SS-2G-Nfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-SS-2GTfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
AIPHONE CO., LTD. / IX-SSAfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
AIPHONE CO., LTD. / IX-SSA-2RAfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
AIPHONE CO., LTD. / IX-SSA-RAfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
AIPHONE CO., LTD. / IXW-MAfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier

CVE-2024-31408

Description

CVSS breakdown

Affected products

References