BackBox.org News
  • BackBox.org
  • Linux
  • Community
  • News
  • Services
  • Sitemap
  • Contact
  • Click to open the search input field Click to open the search input field Search
  • Menu Menu
MC LR Router and GoCast unpatched vulnerabilities

MC LR Router and GoCast unpatched vulnerabilities

December 9, 2024/in Company Blogs

MC LR Router and GoCast unpatched vulnerabilities

Cisco Talos’ Vulnerability Research team recently discovered two vulnerabilities in MC Technologies LR Router and three vulnerabilities in the GoCast service. 

These vulnerabilities have not been patched at time of this posting. 

For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always posted on Talos Intelligence’s website.  

MC Technologies OS command injection vulnerabilities 

Discovered by Matt Wiseman of Cisco Talos. 

The MC-LR Router from MC Technologies supports IPsec and OpenVPN implementations, firewall capabilities, remote management via HTTP and SNMP, and configurable alerting via SMS and email, with two-port and four-port variants, includes models that support transparent serial-to-TCP translations and 1-in/1-out digital I/O. 

Talos recently published two advisories detailing OS command injection vulnerabilities discovered in the MC-LR Router from MC Technologies. TALOS-2024-1953 covers three vulnerabilities (CVE-2024-28025 through CVE-2024-28027), which are reachable through the I/O configuration functionality of the web interface. TALOS-2024-1954 covers one vulnerability (CVE-2024-21786) in the importation of uploaded configuration files. All vulnerabilities may be triggered with an authenticated HTTP request. 

GoCast authentication and OS command injection vulnerabilities 

Discovered by Edwin Molenaar and Matt Street of Cisco Meraki. 

The GoCast tool provides BGP routing for advertisements from a host; it is commonly used for anycast-based load balancing for infrastructure service instances available in geographically diverse regions.  

The GoCast HTTP API allows the registration and deregistration of apps without requiring authentication, shown in TALOS-2024-1962 (CVE-2024-21855). The lack of authentication can be used to exploit TALOS-2024-1960 (CVE-2024-28892) and TALOS-2024-1961 (CVE-2024-29224), leading to OS command injection and arbitrary command execution. 

Cisco Talos Blog – ​Read More

Share this entry
  • Share on Facebook
  • Share on X
  • Share on WhatsApp
  • Share on LinkedIn
  • Share on Vk
  • Share on Reddit
  • Share by Mail
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png 0 0 https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png 2024-12-09 20:06:572024-12-09 20:06:57MC LR Router and GoCast unpatched vulnerabilities
Search Search
Copyright © BackBox.org
  • Link to X
  • Link to Facebook
  • Link to LinkedIn
  • Link to Youtube
  • Link to Telegram
Link to: Critical OpenWrt Flaw Exposes Firmware Update Server to Exploitation Link to: Critical OpenWrt Flaw Exposes Firmware Update Server to Exploitation Critical OpenWrt Flaw Exposes Firmware Update Server to Exploitation Link to: Attackers Can Use QR Codes to Bypass Browser Isolation Link to: Attackers Can Use QR Codes to Bypass Browser Isolation Attackers Can Use QR Codes to Bypass Browser IsolationAttackers Can Use QR Codes to Bypass Browser Isolation
Scroll to top Scroll to top Scroll to top