Podatność CVE-2024-3904


Publikacja: 2024-07-04

Opis:
Incorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on MELIPC Series MI5122-VW firmware versions "05" to "07" allows a local attacker to execute arbitrary code by saving a malicious file to a specific folder. As a result, the attacker may disclose, tamper with, destroy or delete information in the product, or cause a denial-of-service (DoS) condition on the product.

Typ:

CWE-276

(Incorrect Default Permissions)

 Referencje:
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-003_en.pdf

Copyright 2024, cxsecurity.com

 

Back to Top