CVE-2022-40266

Summary

Improper Input Validation vulnerability in Mitsubishi Electric GOT2000 Series GT27 model FTP server versions 01.39.000 and prior, Mitsubishi Electric GOT2000 Series GT25 model FTP server versions 01.39.000 and prior and Mitsubishi Electric GOT2000 Series GT23 model FTP server versions 01.39.000 and prior allows a remote authenticated attacker to cause a Denial of Service condition by sending specially crafted command.

Affected Software

VendorProductVersion RangeStatus
Mitsubishi ElectricGOT2000 Series GT27 modelFTP server versions 01.39.000 and prioraffected
Mitsubishi ElectricGOT2000 Series GT25 modelFTP server versions 01.39.000 and prioraffected
Mitsubishi ElectricGOT2000 Series GT23 modelFTP server versions 01.39.000 and prioraffected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References