CVE-2024-45262 in MT6000info

Zusammenfassung

von MITRE • 25.10.2024

An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. The params parameter in the call method of the /rpc endpoint is vulnerable to arbitrary directory traversal, which enables attackers to execute scripts under any path.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

MITRE

Reservieren

25.08.2024

Veröffentlichung

25.10.2024

Moderieren

akzeptiert

Eintrag

VDB-281778

CPE

bereit

CWE

CWE-22 (bestätigt)

CVSS

8.8 (CNA)

EPSS

0.00132

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2024-45262
NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-45262
CVE Details	https://www.cvedetails.com/cve/CVE-2024-45262/

◂ Zurück Übersicht Weiter ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!