OS command injection vulnerability exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network-adjacent authenticated attacker may execute an arbitrary OS command with root privileges by sending a specially crafted request.
Metrics
Affected Vendors & Products
References
History
Thu, 05 Dec 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 22 Nov 2024 00:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | OS command injection vulnerability exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network-adjacent authenticated attacker may execute an arbitrary OS command with root privileges by sending a specially crafted request. | |
Weaknesses | CWE-78 | |
References |
| |
Metrics |
cvssV3_0
|
MITRE
Status: PUBLISHED
Assigner: jpcert
Published: 2024-11-22T00:10:50.954Z
Updated: 2024-12-05T20:44:27.398Z
Reserved: 2024-09-26T01:39:39.689Z
Link: CVE-2024-31408
Vulnrichment
Updated: 2024-12-05T20:44:22.483Z
NVD
Status : Received
Published: 2024-11-22T02:15:19.480
Modified: 2024-11-22T02:15:19.480
Link: CVE-2024-31408
Redhat
No data.