exploitDog

CVE-2024-6787

Опубликовано: 21 сент. 2024

Источник: nvd

CVSS3: 5.3

CVSS3: 5.9

EPSS Низкий

Описание

This vulnerability occurs when an attacker exploits a race condition between the time a file is checked and the time it is used (TOCTOU). By exploiting this race condition, an attacker can write arbitrary files to the system. This could allow the attacker to execute malicious code and potentially cause file losses.

Ссылки

https://www.cisa.gov/news-events/ics-advisories/icsa-24-268-05
Third Party Advisory
US Government Resource
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240735-multiple-vulnerabilities-in-mxview-one-and-mxview-one-central-manager-series
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:moxa:mxview_one:*:*:*:*:*:*:*:*

Версия до 1.4.1 (исключая)

EPSS

Процентиль: 58%

0.00373

Низкий

5.3 Medium

CVSS3

5.9 Medium

CVSS3

Дефекты

CWE-367

CWE-367

Связанные уязвимости

GHSA-rchh-4f4f-rp53

CVSS3: 5.3

github

больше 1 года назад

This vulnerability occurs when an attacker exploits a race condition between the time a file is checked and the time it is used (TOCTOU). By exploiting this race condition, an attacker can write arbitrary files to the system. This could allow the attacker to execute malicious code and potentially cause file losses.

EPSS

Процентиль: 58%

0.00373

Низкий

5.3 Medium

CVSS3

5.9 Medium

CVSS3

Дефекты

CWE-367

CWE-367