admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-397xx/CVE-2024-39793.json
cad-safe-bot 4a301a0f3d Auto-Update: 2025-01-19T03:00:20.175811+00:00
2025-01-19 03:03:47 +00:00

60 lines
2.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-39793",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2025-01-14T15:15:24.510",
"lastModified": "2025-01-14T15:15:24.510",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A configuration injection vulnerability exists in the `ftp_name` POST parameter."
},
{
"lang": "es",
"value": "Existen m\u00faltiples vulnerabilidades de control de configuraci\u00f3n externa en la funcionalidad nas.cgi set_nas() proftpd de Wavlink AC3000 M33A8.V5030.210505. Una solicitud HTTP manipulada especialmente puede provocar la omisi\u00f3n de permisos. Un atacante puede realizar una solicitud HTTP autenticada para activar estas vulnerabilidades. Existe una vulnerabilidad de inyecci\u00f3n de configuraci\u00f3n en el par\u00e1metro POST `ftp_name`."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-15"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2053",
"source": "talos-cna@cisco.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink