CVE-2024-45274
- EPSS 0.97%
- Veröffentlicht 15.10.2024 11:15:12
- Zuletzt bearbeitet 21.11.2024 09:37:35
An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing authentication.
CVE-2024-45275
- EPSS 0.83%
- Veröffentlicht 15.10.2024 11:15:12
- Zuletzt bearbeitet 21.11.2024 09:37:35
The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices.
CVE-2024-45276
- EPSS 0.63%
- Veröffentlicht 15.10.2024 11:15:12
- Zuletzt bearbeitet 24.01.2025 07:15:10
An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to missing authentication.
CVE-2024-45271
- EPSS 0.12%
- Veröffentlicht 15.10.2024 11:15:11
- Zuletzt bearbeitet 26.08.2025 15:15:40
An unauthenticated local attacker can gain admin privileges by deploying a config file due to improper input validation.
CVE-2024-45273
- EPSS 0.04%
- Veröffentlicht 15.10.2024 11:15:11
- Zuletzt bearbeitet 21.11.2024 09:37:35
An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used.
CVE-2024-5672
- EPSS 0.61%
- Veröffentlicht 03.07.2024 13:15:03
- Zuletzt bearbeitet 13.02.2025 18:18:18
A high privileged remote attacker can execute arbitrary system commands via GET requests due to improper neutralization of special elements used in an OS command.