ГлавнаяУязвимости → CVE-2024-50627
8.8высокая

CVE-2024-50627

Описание

An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Privilege Escalation vulnerability exists in the file upload feature. It allows an attacker on the local area network (with specific permissions) to upload and execute malicious files, potentially leading to unauthorized system access.

Затрагиваемое ПО
Digi Connectport lts firmwareDigi Connectport lts 16Digi Connectport lts 16 meiDigi Connectport lts 16 mei 2acDigi Connectport lts 32Digi Connectport lts 32 meiDigi Connectport lts 8 mei
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.digi.com/getattachment/Resources/Security/Alerts/Digi-ConnectPort-LTS-Firmware-Update/ConnectPort-LTS-KB.pdfhttps://www.digi.com/resources/documentation/digidocs/pdfs/90001001.pdfhttps://www.digi.com/resources/security