exploitDog

CVE-2024-22063

Опубликовано: 30 дек. 2024

Источник: nvd

CVSS3: 7.6

CVSS3: 9

EPSS Низкий

Описание

The ZENIC ONE R58 products by ZTE Corporation have a command injection vulnerability. An authenticated attacker can exploit this vulnerability to tamper with messages, inject malicious code, and subsequently launch attacks on related devices.

Ссылки

https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/4522216612187627521
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:zte:zenic_one_r58:*:*:*:*:*:*:*:*

Версия до 16.24.40 (исключая)

EPSS

Процентиль: 52%

0.00291

Низкий

7.6 High

CVSS3

9 Critical

CVSS3

Дефекты

CWE-1236

CWE-1236

Связанные уязвимости

GHSA-m7rr-9vhr-9v38

CVSS3: 7.6

github

около 1 года назад

The ZENIC ONE R58 products by ZTE Corporation have a command injection vulnerability. An authenticated attacker can exploit this vulnerability to tamper with messages, inject malicious code, and subsequently launch attacks on related devices.

EPSS

Процентиль: 52%

0.00291

Низкий

7.6 High

CVSS3

9 Critical

CVSS3

Дефекты

CWE-1236

CWE-1236