| |
Podatność CVE-2024-3904
Publikacja: 2024-07-04
| Opis: |
Incorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on MELIPC Series MI5122-VW firmware versions "05" to "07" allows a local attacker to execute arbitrary code by saving a malicious file to a specific folder. As a result, the attacker may disclose, tamper with, destroy or delete information in the product, or cause a denial-of-service (DoS) condition on the product. |
Typ:
CWE-276 (Incorrect Default Permissions)
Referencje: |
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-003_en.pdf
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
Polish
English