ghsa-6r9h-2p8r-jf6r
Vulnerability from github
Published
2024-05-14 18:30
Modified
2024-05-14 18:30
Severity
7.2 (High) - CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow a privileged user to upload firmware files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achieve remote code execution.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2024-27944"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-73"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-14T16:16:31Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions \u003c V5.5). The affected systems allow a privileged user to upload firmware files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achieve remote code execution.",
  "id": "GHSA-6r9h-2p8r-jf6r",
  "modified": "2024-05-14T18:30:59Z",
  "published": "2024-05-14T18:30:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27944"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-916916.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.