CVE-2019-11322: OS Command Injection
First published: Thu Apr 18 2019(Updated: )
An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a command injection in the function startRmtAssist in hnap, which leads to remote code execution via shell metacharacters in a JSON value.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Motorola Cx2 Firmware | =1.01 | |
| Motorola CX2 | ||
| Motorola M2 Firmware | =1.01 | |
| Motorola M2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2019-11322?
The severity of CVE-2019-11322 is critical with a severity value of 9.8.
What is the affected software of CVE-2019-11322?
The affected software of CVE-2019-11322 is Motorola CX2 Firmware version 1.01 and Motorola M2 Firmware version 1.01.
How does CVE-2019-11322 impact the affected software?
CVE-2019-11322 allows for remote code execution via shell metacharacters in a JSON value, leading to command injection.
Is Motorola CX2 vulnerable to CVE-2019-11322?
No, Motorola CX2 is not vulnerable to CVE-2019-11322.
Is Motorola M2 vulnerable to CVE-2019-11322?
No, Motorola M2 is not vulnerable to CVE-2019-11322.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/tags
- agent/description
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/motorola
- canonical/motorola cx2 firmware
- version/motorola cx2 firmware/1.01
- canonical/motorola cx2
- canonical/motorola m2 firmware
- version/motorola m2 firmware/1.01
- canonical/motorola m2