An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Privilege Escalation vulnerability exists in the file upload feature. It allows an attacker on the local area network (with specific permissions) to upload and execute malicious files, potentially leading to unauthorized system access.
History

Wed, 11 Dec 2024 17:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-552
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 09 Dec 2024 21:30:00 +0000

Type Values Removed Values Added
Description An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Privilege Escalation vulnerability exists in the file upload feature. It allows an attacker on the local area network (with specific permissions) to upload and execute malicious files, potentially leading to unauthorized system access.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-12-09T00:00:00

Updated: 2024-12-11T16:32:40.063Z

Reserved: 2024-10-28T00:00:00

Link: CVE-2024-50627

cve-icon Vulnrichment

Updated: 2024-12-11T16:32:08.229Z

cve-icon NVD

Status : Received

Published: 2024-12-09T22:15:22.853

Modified: 2024-12-11T17:15:17.200

Link: CVE-2024-50627

cve-icon Redhat

No data.