ГлавнаяУязвимости → CVE-2024-55063
8.8высокая

CVE-2024-55063

Описание

Multiple Code Injection vulnerabilities in EasyVirt DC NetScope <= 8.7.0 allows remote authenticated attackers to execute arbitrary code via the (1) lang parameter to /international/keyboard/options; the (2) keyboard_layout or (3) keyboard_variant parameter to /international/settings/keyboard; the (4) timezone parameter to /international/settings/timezone.

Затрагиваемое ПО
Easyvirt Dc netscope
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/Elymaro/CVE/blob/main/EasyVirt/CVE-2024-55063.md