CVE-2024-48406

Name of the Vulnerable Software and Affected Versions SunBK201 umicat versions 0.3.2 and earlier

Description The issue allows an attacker to execute arbitrary code via the power(uct int t x, uct int t n) function in src/uct upstream.c. This can be exploited to perform local network attacks.

Recommendations For versions 0.3.2 and earlier, upgrade to version 0.3.3 to mitigate the risk. As a temporary workaround, consider disabling the power() function in src/uct upstream.c until a patch is available.