PT-2024-21883 · Planet · Planet Igs-4215-16T2S
Dan1T0
+1
·
Published
2024-03-21
·
Updated
2024-04-11
·
CVE-2024-2742
CVSS v3.1
6.4
Medium
| Vector | AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Planet IGS-4215-16T2S version 1.305b210528
Description
The issue allows an authenticated attacker to execute arbitrary code on the remote host by exploiting IP address functionality. This is an operating system command injection vulnerability.
Recommendations
For Planet IGS-4215-16T2S version 1.305b210528, consider restricting access to IP address functionality until a patch is available. As a temporary workaround, limit the privileges of authenticated users to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Planet Igs-4215-16T2S