PT-2024-3978 · Lenels2 · Lenels2 Netbox
Claroty Team82
+1
·
Published
2024-03-13
·
Updated
2026-02-02
·
CVE-2024-2422
CVSS v4.0
9.3
Critical
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
LenelS2 NetBox versions prior to and including 5.6.1
Description
The issue is related to an authenticated remote code execution (RCE) that allows an attacker to execute malicious commands. It is associated with the injection or modification of arguments, which can enable a remote attacker to execute arbitrary commands.
Recommendations
For versions prior to and including 5.6.1, update to a version later than 5.6.1 to resolve the issue.
Fix
RCE
Argument Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Lenels2 Netbox