cve/2024/CVE-2024-22894.md

### [CVE-2024-22894](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22894)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

An issue fixed in AIT-Deutschland Alpha Innotec Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later and Novelan Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later, allows remote attackers to execute arbitrary code via the password component in the shadow file.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/Jaarden/AlphaInnotec-Password-Vulnerability
- https://github.com/Jaarden/CVE-2024-22894
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/nomi-sec/PoC-in-GitHub
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2024-22894](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22894)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`An issue fixed in AIT-Deutschland Alpha Innotec Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later and Novelan Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later, allows remote attackers to execute arbitrary code via the password component in the shadow file.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/Jaarden/AlphaInnotec-Password-Vulnerability`
			`- https://github.com/Jaarden/CVE-2024-22894`
			`- https://github.com/fkie-cad/nvd-json-data-feeds`
			`- https://github.com/nomi-sec/PoC-in-GitHub`