PT-2023-7466 · Unknown · Hgiga Powerstation

Chiu Tsungshu

Publicado

2023-01-31

Atualizado

2023-03-30

CVE-2023-24837

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions HGiga PowerStation (affected versions not specified)

Description The issue is related to insufficient filtering for user input in the remote management function of the system, allowing an authenticated remote attacker to inject and execute arbitrary system commands. This could enable the attacker to perform arbitrary system operations or disrupt service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

OS Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-78

Identificadores relacionados

BDU:2023-08509

CVE-2023-24837

Produtos afetados

Hgiga Powerstation

PT-2023-7466 · Unknown · Hgiga Powerstation

CVE-2023-24837

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6