admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2024/CVE-2024-38510.md
0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00

19 lines
904 B
Markdown
Raw Permalink Blame History

### [CVE-2024-38510](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38510)
![](https://img.shields.io/static/v1?label=Product&message=XClarity%20Controller&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=various%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-78%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20OS%20Command%20('OS%20Command%20Injection')&color=brightgreen)
### Description
A privilege escalation vulnerability was discovered in the SSH captive command shell interface that could allow an authenticated XCC user with elevated privileges to perform command injection via specially crafted file uploads.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/tmac997/tmac997
Reference in New Issue View Git Blame Copy Permalink