{"vulnerability": "cve-2019-7384", "sightings": [{"uuid": "3f765b82-cd2e-4914-9b4b-c504828072f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-7384", "type": "seen", "source": "MISP/5c642c58-4f08-4c74-ab2d-6ed50a021402", "content": "", "creation_timestamp": "2019-02-13T14:42:03.000000Z"}, {"uuid": "71a07508-fa2c-4d53-b18b-4d040be4a4c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-7384", "type": "seen", "source": "https://t.me/arpsyndicate/2745", "content": "#ExploitObserverAlert\n\nCVE-2019-7384\n\nDESCRIPTION: Exploit Observer has 7 entries related to CVE-2019-7384. An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 or below. The value of the fmgpon_loid parameter is used in a system call inside the boa binary. Because there is no user input validation, this leads to authenticated code execution on the device.\n\nFIRST-EPSS: 0.000640000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2024-01-09T12:29:58.000000Z"}]}