ГлавнаяУязвимости → CVE-2024-33898
9.8критическая

CVE-2024-33898

Описание

Axiros AXESS Auto Configuration Server (ACS) 4.x and 5.0.0 is affected by an Incorrect Access Control vulnerability. An authorization bypass allows remote attackers to achieve unauthenticated remote code execution.

CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.axiros.com/2024/03/vulnerability-in-axusermanagerhttps://www.nsideattacklogic.de/advisories/NSIDE-SA-2024-002https://www.axiros.com/2024/03/vulnerability-in-axusermanager