exploitDog

CVE-2024-24091

Опубликовано: 08 фев. 2024

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Yealink Meeting Server before v26.0.0.66 was discovered to contain an OS command injection vulnerability via the file upload interface.

Ссылки

https://www.yealink.com/en/trust-center/security-advisories/2f2b990211c440cf
Vendor Advisory
https://www.yealink.com/en/trust-center/security-advisories/2f2b990211c440cf
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:yealink:yealink_meeting_server:*:*:*:*:*:*:*:*

Версия до 26.0.0.66 (исключая)

EPSS

Процентиль: 79%

0.01222

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-78

CWE-94

Связанные уязвимости

GHSA-r57p-gw8h-38xj

CVSS3: 9.8

github

почти 2 года назад

Yealink Meeting Server before v26.0.0.66 was discovered to contain an OS command injection vulnerability via the file upload interface.

EPSS

Процентиль: 79%

0.01222

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-78

CWE-94