CVE-2024-7120 | Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 3.90 Web Interface list_base_config.php template os command injection

Inserito da Angelo Barbosa | Lug 25, 2024 | CVE

A vulnerability, which was classified as critical, was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. This affects an unknown part of the file list_base_config.php of the component Web Interface. The manipulation of the argument template leads to os command injection.

This vulnerability is uniquely identified as CVE-2024-7120. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

It is recommended to apply restrictive firewalling.

CVE-2024-7120 | Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 3.90 Web Interface list_base_config.php template os command injection

Post correlati

CVE-2024-6295 | udn News App up to 4.20.0 on Android sensitive information

CVE-2024-33980 | Janobe PayPal/Credit Card/Debit Card Payment 1.0 printreport.php start cross site scripting

CVE-2023-31366 | AMD μProf Tool prior 3.4.494 denial of service

CVE-2024-26135 | Ylianst MeshCentral up to 1.1.20 CSWSH control.ashx origin validation (GHSA-cp68-qrhr-g9h8)