CVE-2024-41153
CVE-2024-41153
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.2EPSS 1.6%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
29 Oct 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Command injection vulnerability in the Edge Computing UI for the
TRO600 series radios that allows for the execution of arbitrary system commands. If exploited, an attacker with write access to the
web UI can execute commands on the device with root privileges,
far more extensive than what the write privilege intends.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected products
Hitachi Energy · TRO600Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →