CVE-2024-32850

Name of the Vulnerable Software and Affected Versions SkyBridge MB-A100/MB-A110 versions 4.2.2 and earlier SkyBridge BASIC MB-A130 versions 1.5.5 and earlier

Description The issue is related to improper neutralization of special elements used in a command, also known as 'Command Injection'. This allows an attacker with access to the product to execute an arbitrary command or login to the product with administrator privilege if the remote monitoring and control function is enabled. Over 14,000 results have been found, indicating a significant number of potentially affected devices.

Recommendations For SkyBridge MB-A100/MB-A110 versions 4.2.2 and earlier, consider disabling the remote monitoring and control function until a patch is available. For SkyBridge BASIC MB-A130 versions 1.5.5 and earlier, consider disabling the remote monitoring and control function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.