PT-2024-7342 · Cisco · Cisco ATA 190

Published: 2024-10-16 · Updated: 2024-10-22 · CVE-2024-20459

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Cisco ATA 190 Multiplatform Series Analog Telephone Adapter firmware (affected versions not specified)
Description: A vulnerability in the web-based management interface could allow an authenticated, remote attacker with high privileges to execute arbitrary commands as the root user on the underlying operating system. This issue is due to a lack of input sanitization in the web-based management interface. An attacker could exploit this vulnerability by sending a malicious request to the web-based management interface, potentially allowing the execution of arbitrary commands on the underlying operating system as the root user.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

OS Command Injection

Weakness Enumeration

Related Identifiers

BDU:2024-08698
CVE-2024-20459

Affected Products

Cisco ATA 190