Created on 2024-12-20 07:12 and updated on 2024-12-20 07:12.
Description
CVE-2024-20353 is a denial-of-service attack that allows a remote, unauthenticated attacker to cause the device to reload unexpectedly, resulting in a denial-of-service condition. CVE-2024-20358 is a command injection attack that allows a local, authenticated attacker with Administrator level privileges to run arbitrary commands as root on the underlying device operating system. CVE-2024-20359 is similar and is an arbitrary code execution attack that allows a local, authenticated attacker with Administrator level privileges to execute arbitrary code as root on the underlying device operating system.
Vulnerabilities included in this bundle
Author
Jean-Louis HuynenCombined sightings
Author | Vulnerability | Source | Type | Date |
---|