What is CVE-2012-3001?

CVE-2012-3001 is a vulnerability in Mutiny Standard, classified under OS Command Injection. Published 2012-10-22.

Is CVE-2012-3001 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

RCE in Mutiny Standard

CVE-2012-3001

Mutiny Standard before 4.5-1.12 allows remote attackers to execute arbitrary commands via the network-interface menu, related to a "command injection vulnerability."

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.706 (98.7th percentile) — read the EPSS interpretation.

Affected products

Mutiny Standard — versions 4.4-1.12, 4.5-1.03, 4.5-1.05
N/a — versions n/a

Weakness classification (CWE)

CWE-78 — OS Command Injection

Public proof-of-concept exploits

rapid7/metasploit-framework

References

VU#841851 (x_refsource_CERT-VN, US Government Resource, third-party-advisory)
56165 (vdb-entry, x_refsource_BID)
cret@cert.org (x_refsource_CONFIRM)
51094 (x_refsource_SECUNIA, third-party-advisory)
86570 (x_refsource_OSVDB, vdb-entry)

Frequently asked questions

What is CVE-2012-3001?: CVE-2012-3001 is a vulnerability in Mutiny Standard, classified under OS Command Injection. Published 2012-10-22.
Is CVE-2012-3001 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.