CVE-2020-5546

Summary

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier allows an attacker on the same network segment to stop the network functions or execute malware via a specially crafted packet.

Affected Software

VendorProductVersion RangeStatus
Mitsubishi Electric CorporationMitsubishi Electric MELQIC IU1 seriesIU1-1M20-D firmware version 1.0.7 and earlieraffected

Weaknesses

  • Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

ADP Enrichment

CVE Program Container

Additional References

References