CVE-2024-29838

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Evolution Controller versions 2.04.560.31.03.2024 and below

Description The Web interface of the Evolution Controller does not properly sanitize user input, allowing an unauthenticated attacker to crash the controller software.

Recommendations For versions 2.04.560.31.03.2024 and below, consider disabling the Web interface until a patch is available to prevent potential crashes by unauthenticated attackers. Restrict access to the Web interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use of Uninitialized Resource

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-908CWE-457CWE-20

Related Identifiers

CVE-2024-29838

Affected Products

Evolution Controller

CVE-2024-29838

Weakness Enumeration

Related Identifiers

Affected Products

References · 6