A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable PROXY_HTTP_PORT in mGuard devices.
References
Link | Resource |
---|---|
https://cert.vde.com/en/advisories/VDE-2024-039 |
Configurations
No configuration.
History
10 Sep 2024, 12:09
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
10 Sep 2024, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-10 09:15
Updated : 2024-09-10 12:09
NVD link : CVE-2024-43385
Mitre link : CVE-2024-43385
CVE.ORG link : CVE-2024-43385
JSON object : View
Products Affected
No product.
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')