CVE-2024-9166
OS Command Injection in Atelmo Atemio AM 520 HD Full HD Satellite Receiver
The device enables an unauthorized attacker to execute system commands with elevated privileges. This exploit is facilitated through the use of the 'getcommand' query within the application, allowing the attacker to gain root access.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
Atelmo · Atemio AM 520 HD Full HD Satellite Receiverpublic PoCs found — 1
githubgithub.com/Andrysqui/CVE-2024-9166★ 3⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →