CVE-2024-5195 | Arris VAP2500 08.50 /diag_s.php customer_info command injection

Inserito da Angelo Barbosa | Mag 22, 2024 | CVE

A vulnerability was found in Arris VAP2500 08.50. It has been rated as critical. Affected by this issue is some unknown functionality of the file /diag_s.php. The manipulation of the argument customer_info leads to command injection.

This vulnerability is handled as CVE-2024-5195. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2024-5195 | Arris VAP2500 08.50 /diag_s.php customer_info command injection

Post correlati

CVE-2023-50470 | SeaCMS 12.8 admin_video.php action cross site scripting

CVE-2024-36038 | Zoho ManageEngine OpManager up to 1282487 Proxy Server Option cross site scripting

CVE-2024-43275 | Xyzscripts Insert PHP Code Snippet Plugin up to 1.3.6 on WordPress cross-site request forgery

CVE-2024-6741 | Openfind Mail2000 7.0/8.0 cookie httponly flag (Patch 131)