Vulnerability CVE-2024-5672


Published: 2024-07-03

Description:
A high privileged remote attacker can execute arbitrary system commands via GET requests due to improper neutralization of special elements used in an OS command.

See advisories in our WLB2 database:
Topic
Author
Date
High
Helmholz Industrial Router REX100 / MBConnectline mbNET.mini 2.2.11 Command Injection
S. Dietz
04.07.2024

Type:

CWE-78

(Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') )

 References:
https://cert.vde.com/en/advisories/VDE-2024-030
https://cert.vde.com/en/advisories/VDE-2024-032

Copyright 2024, cxsecurity.com

 

Back to Top