exploitDog

CVE-2024-29838

Опубликовано: 15 апр. 2024

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below does not proper sanitize user input, allowing for an unauthenticated attacker to crash the controller software

Ссылки

https://directcyber.com.au/sa/CVE-2024-29836-to-29844-evolution-controller-multiple-vulnerabilities.html
Third Party Advisory
https://directcyber.com.au/sa/CVE-2024-29836-to-29844-evolution-controller-multiple-vulnerabilities.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cs-technologies:evolution:*:*:*:*:*:*:*:*

Версия до 2.04.560 (включая)

EPSS

Процентиль: 38%

0.00168

Низкий

7.5 High

CVSS3

Дефекты

CWE-20

CWE-908

Связанные уязвимости

GHSA-grqr-vjxq-x7g2

CVSS3: 7.5

github

почти 2 года назад

The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below does not proper sanitize user input, allowing for an unauthenticated attacker to crash the controller software

EPSS

Процентиль: 38%

0.00168

Низкий

7.5 High

CVSS3

Дефекты

CWE-20

CWE-908