CVE-2024-5421

Severity CVSS v4.0:

Pending analysis

Type:

CWE-78 OS Command Injections

Publication date:

04/06/2024

Last modified:

10/06/2024

Description

Missing input validation and OS command integration of the input in the utnserver Pro, utnserver ProMAX, INU-100 web-interface allows authenticated command injection.This issue affects utnserver Pro, utnserver ProMAX, INU-100 version 20.1.22 and below.

Impact

References to Advisories, Solutions, and Tools

http://seclists.org/fulldisclosure/2024/Jun/4
https://cyberdanube.com/en/en-multiple-vulnerabilities-in-seh-untserver-pro/index.html