From d24d2d439d23fcf7893e5cbce67cd469cabac83c Mon Sep 17 00:00:00 2001
From: CVE Team
Date: Tue, 10 Dec 2024 08:00:55 +0000
Subject: [PATCH] "-Synchronized-Data."
---
 2024/28xxx/CVE-2024-28138.json | 119 +++++++++++++++++++++++++++++++--
 2024/47xxx/CVE-2024-47397.json | 18 +++++
 2024/47xxx/CVE-2024-47946.json | 119 +++++++++++++++++++++++++++++++--
 2024/53xxx/CVE-2024-53688.json | 18 +++++
 2024/54xxx/CVE-2024-54457.json | 18 +++++
 5 files changed, 282 insertions(+), 10 deletions(-)
 create mode 100644 2024/47xxx/CVE-2024-47397.json
 create mode 100644 2024/53xxx/CVE-2024-53688.json
 create mode 100644 2024/54xxx/CVE-2024-54457.json
diff --git a/2024/28xxx/CVE-2024-28138.json b/2024/28xxx/CVE-2024-28138.json
index 9a34a079d7f..c7e26f5bb1e 100644
--- a/2024/28xxx/CVE-2024-28138.json
+++ b/2024/28xxx/CVE-2024-28138.json
@@ -1,18 +1,127 @@
 {
+ "data_version": "4.0",
 "data_type": "CVE",
 "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
 "ID": "CVE-2024-28138",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security-research@sec-consult.com",
+ "STATE": "PUBLIC"
 },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "An unauthenticated attacker with network access to the affected device's web interface can execute any system command via the \"msg_events.php\" script as the www-data user.\u00a0The HTTP GET parameter \"data\" is not properly sanitized."
 }
 ]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
+ "cweId": "CWE-78"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Image Access GmbH",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Scan2Net",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "changes": [
+ {
+ "at": "7.40",
+ "status": "unaffected"
+ }
+ ],
+ "lessThan": "7.40",
+ "status": "affected",
+ "version": "0",
+ "versionType": "custom"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://r.sec-consult.com/imageaccess",
+ "refsource": "MISC",
+ "name": "https://r.sec-consult.com/imageaccess"
+ },
+ {
+ "url": "https://www.imageaccess.de/?page=SupportPortal&lang=en",
+ "refsource": "MISC",
+ "name": "https://www.imageaccess.de/?page=SupportPortal&lang=en"
+ }
+ ]
+ },
+ "generator": {
+ "engine": 
"Vulnogram 0.2.0"
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ },
+ "exploit": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory."
+ }
+ ],
+ "value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory."
+ }
+ ],
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "The vendor provides a firmware update to version 7.40, which can be downloaded via the vendor's customer server portal.
"
+ }
+ ],
+ "value": "The vendor provides a firmware update to version 7.40, which can be downloaded via the vendor's customer server portal."
+ }
+ ],
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Daniel Hirschberger (SEC Consult Vulnerability Lab)"
+ },
+ {
+ "lang": "en",
+ "value": "Tobias Niemann (SEC Consult Vulnerability Lab)"
+ }
+ ]
 }
\ No newline at end of file
diff --git a/2024/47xxx/CVE-2024-47397.json b/2024/47xxx/CVE-2024-47397.json
new file mode 100644
index 00000000000..44dceca6849
--- /dev/null
+++ b/2024/47xxx/CVE-2024-47397.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-47397",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/47xxx/CVE-2024-47946.json b/2024/47xxx/CVE-2024-47946.json
index 642ee99ddd6..64f67acf6a3 100644
--- a/2024/47xxx/CVE-2024-47946.json
+++ b/2024/47xxx/CVE-2024-47946.json
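Review bot: The published record in 2024/28xxx/CVE-2024-28138.json sets `"discovery": "UNKNOWN"` under `source` while its `credits` array names two SEC Consult researchers, so the provenance field looks inconsistent with the rest of the entry; if the assigner knows how the issue was found, a value such as `"discovery": "INTERNAL"` or `"discovery": "EXTERNAL"` (whichever matches the assigner's relationship to the credited researchers) would be more useful to consumers. The record also has no `impact` block with CVSS metrics, so anyone triaging this unauthenticated command injection has to score it themselves. The `description` value contains a `\u00a0` non-breaking space after "user.", which can defeat plain-text matching and de-duplication; a regular space is safer. The `discovery` and missing-`impact` points apply equally to the 2024/47xxx/CVE-2024-47946.json hunk.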
@@ -1,18 +1,127 @@
 {
+ "data_version": "4.0",
 "data_type": "CVE",
 "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
 "ID": "CVE-2024-47946",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security-research@sec-consult.com",
+ "STATE": "PUBLIC"
 },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "If the attacker has access to a valid Poweruser session, remote code execution is possible because specially crafted valid PNG files with injected PHP content can be uploaded as desktop backgrounds or lock screens. After the upload, the PHP script is available in the web root. The PHP code executes once the uploaded file is accessed. This allows the execution of arbitrary PHP code and OS commands on the device as \"www-data\"."
}
 ]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-434 Unrestricted Upload of File with Dangerous Type",
+ "cweId": "CWE-434"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Image Access GmbH",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Scan2Net",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "changes": [
+ {
+ "at": "7.42",
+ "status": "unaffected"
+ }
+ ],
+ "lessThan": "7.42",
+ "status": "affected",
+ "version": "0",
+ "versionType": "custom"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://r.sec-consult.com/imageaccess",
+ "refsource": "MISC",
+ "name": "https://r.sec-consult.com/imageaccess"
+ },
+ {
+ "url": "https://www.imageaccess.de/?page=SupportPortal&lang=en",
+ "refsource": "MISC",
+ "name": "https://www.imageaccess.de/?page=SupportPortal&lang=en"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.2.0"
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ },
+ "exploit": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory."
+ }
+ ],
+ "value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory."
+ }
+ ],
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "The vendor provides a firmware update to version 7.42, which can be downloaded via the vendor's customer server portal.
"
+ }
+ ],
+ "value": "The vendor provides a firmware update to version 7.42, which can be downloaded via the vendor's customer server portal."
+ }
+ ],
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Daniel Hirschberger (SEC Consult Vulnerability Lab)"
+ },
+ {
+ "lang": "en",
+ "value": "Tobias Niemann (SEC Consult Vulnerability Lab)"
+ }
+ ]
 }
\ No newline at end of file
diff --git a/2024/53xxx/CVE-2024-53688.json b/2024/53xxx/CVE-2024-53688.json
new file mode 100644
index 00000000000..9962e5a80ae
--- /dev/null
+++ b/2024/53xxx/CVE-2024-53688.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-53688",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/54xxx/CVE-2024-54457.json b/2024/54xxx/CVE-2024-54457.json
new file mode 100644
index 00000000000..8747e340858
--- /dev/null
+++ b/2024/54xxx/CVE-2024-54457.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-54457",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file