CVE Vulnerability

CVE-2022-40266

Improper Input Validation vulnerability in Mitsubishi Electric GOT2000 Series GT27 model FTP server versions 01.39.000 and prior, Mitsubishi Electric GOT2000 Series GT25 model FTP server versions 01.39.000 and prior and Mitsubishi Electric GOT2000 Series GT23 model FTP server versions 01.39.000 and prior allows a remote authenticated attacker to cause a Denial of Service condition by sending specially crafted command.

6.5 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://jvn.jp/vu/JVNVU95633416 Third Party Advisory
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-016_en.pdf Mitigation Vendor Advisory
Configurations

Configuration 1
Information

Published : 2022-11-24 09:15

Updated : 2022-11-30 08:02

NVD link : CVE-2022-40266

Mitre link : CVE-2022-40266

Products Affected
No products.
CWE
CWE-20