CVE-2024-47128 | goTenna Pro Series up to 1.6.1 Broadcast Key Name insertion of sensitive information into sent data (icsa-24-270-04)

Inserito da Angelo Barbosa | Set 26, 2024 | CVE

A vulnerability was found in goTenna Pro Series up to 1.6.1. It has been declared as problematic. This vulnerability affects unknown code of the component Broadcast Key Name Handler. The manipulation leads to insertion of sensitive information into sent data.

This vulnerability was named CVE-2024-47128. Access to the local network is required for this attack. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-47128 | goTenna Pro Series up to 1.6.1 Broadcast Key Name insertion of sensitive information into sent data (icsa-24-270-04)

Post correlati

CVE-2024-25935 | Metagauss RegistrationMagic Plugin up to 5.2.5.9 on WordPress authorization

CVE-2024-23559 | HCL DevOps Deploy/Launch up to 7.0.5.20/7.1.2.16/7.2.3.9/7.3.2.4/8.0.0.1 HTTP Header Privilege Escalation (KB0111924)

CVE-2024-25048 | IBM MQ Appliance 9.3 heap-based overflow (XFDB-283137)

CVE-2021-35002 | BMC Track-It 20.21.01.102 unrestricted upload (ZDI-22-002)