ГлавнаяУязвимости → CVE-2024-55513
9.1критическая

CVE-2024-55513

Описание

A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component affected by this issue is /upload_netaction.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded, potentially leading to unauthorized access to server permissions.

Затрагиваемое ПО
Raisecom Msg2300 firmwareRaisecom Msg2300Raisecom Msg2100e firmwareRaisecom Msg2100eRaisecom Msg2200 firmwareRaisecom Msg2200Raisecom Msg1200 firmwareRaisecom Msg1200
CVSS
Балл9.1 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Источники
https://gist.github.com/wscg928/cbe88078751abad2ada2334eb12a5060