Vulnerability CVE-2024-5421


Published: 2024-06-04

Description:
Missing input validation and OS command integration of the input in the utnserver Pro, utnserver ProMAX, INU-100 web-interface allows authenticated command injection.This issue affects utnserver Pro, utnserver ProMAX, INU-100 version 20.1.22 and below.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
SEH utnserver Pro/ProMAX / INU-100 20.1.22 XSS / DoS / File Disclosure
T. Weber
10.06.2024

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://cyberdanube.com/en/en-multiple-vulnerabilities-in-seh-untserver-pro/index.html

Copyright 2024, cxsecurity.com

 

Back to Top