CVE-2024-28135
PHOENIX CONTACT: command injection vulnerability in the API of the CHARX Series
A low privileged remote attacker can use a command injection vulnerability in the API which performs
remote code execution as the user-app user due to improper input validation. The confidentiality is partly affected.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Productos afectados
PHOENIX CONTACT · CHARX SEC-3000PHOENIX CONTACT · CHARX SEC-3050PHOENIX CONTACT · CHARX SEC-3100PHOENIX CONTACT · CHARX SEC-3150¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →