CVE-2024-9054 | Microchip TimeProvider 4100 up to 2.4.6 Configuration Module os command injection

Inserito da Angelo Barbosa | Ott 5, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Microchip TimeProvider 4100 up to 2.4.6. Affected by this issue is some unknown functionality of the component Configuration Module. The manipulation leads to os command injection.

This vulnerability is handled as CVE-2024-9054. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-9054 | Microchip TimeProvider 4100 up to 2.4.6 Configuration Module os command injection

Post correlati

CVE-2024-42052 | Splashtop Streamer up to 3.5.7.x on Windows Installation wevtutil.exe temp file

CVE-2023-38021 | Fortanix EnclaveOS up to 3.31 on Intel SGX System Call enclave_ecall improper authorization (GHSA-v3vm-9h66-wm76)

CVE-2024-42561 | Pharmacy Management System a2efc8 sales_report.php invoice_number sql injection

CVE-2023-25535 | Dell SupportAssist Client Consumer prior 3.13.2.19 privileges management