ГлавнаяУязвимости → CVE-2024-24301
8.8высокая

CVE-2024-24301

Описание

Command Injection vulnerability discovered in 4ipnet EAP-767 device v3.42.00 within the web interface of the device allows attackers with valid credentials to inject arbitrary shell commands to be executed by the device with root privileges.

Затрагиваемое ПО
4ipnet Eap-767 firmware4ipnet Eap-767
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/yckuo-sdc/PoChttps://github.com/yckuo-sdc/PoC