CVE-2024-37038 - CERT CVE
ID CVE-2024-37038
Sažetak CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated user with access to the device’s web interface to perform unauthorized file and firmware uploads when crafting custom web requests.
Reference
CVSS
Base: 8.8
Impact: 5.9
Exploitability:2.8
Pristup
VektorSloženostAutentikacija
NETWORK LOW LOW
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH HIGH
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Zadnje važnije ažuriranje 25-07-2024 - 20:25
Objavljeno 12-06-2024 - 17:15