ГлавнаяУязвимости → CVE-2024-23811
8.8высокая

CVE-2024-23811

Описание

A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected application allows users to upload arbitrary files via TFTP. This could allow an attacker to upload malicious firmware images or other files, that could potentially lead to remote code execution.

Затрагиваемое ПО
Siemens Sinec nms
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://cert-portal.siemens.com/productcert/html/ssa-943925.htmlhttps://cert-portal.siemens.com/productcert/html/ssa-943925.html