Lucene search

CVE-2024-5241

🗓️ 23 May 2024 07:10:15Reported by VulDBType

cve🔗 web.nvd.nist.gov👁 61 Views🌐 WEB

Critical vulnerability found in Huashi Private Cloud CDN Live Streaming Acceleration Server up to 20240520

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 3
Cvelist	CVE-2024-5241 Huashi Private Cloud CDN Live Streaming Acceleration Server ipconfig_new.php os command injection	23 May 202407:00	–	cvelist
Vulnrichment	CVE-2024-5241 Huashi Private Cloud CDN Live Streaming Acceleration Server ipconfig_new.php os command injection	23 May 202407:00	–	vulnrichment
NVD	CVE-2024-5241	23 May 202407:15	–	nvd

Vulners

Vulnrichment

Node

huashi private_cloud_cdn_live_streaming_acceleration_serverMatch20240520

[
  {
    "vendor": "Huashi",
    "product": "Private Cloud CDN Live Streaming Acceleration Server",
    "versions": [
      {
        "version": "20240520",
        "status": "affected"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
github	www.github.com/h0e4a0r1t/h0e4a0r1t.github.io/blob/master/2024/8I~%2CbRx%5E4%26%3Fu%7D2tS/Huashi_Private_Cloud_CDN_Live_Streaming_Acceleration_Server_RCE_Vulnerability-ipconfig_new.php.pdf

Parameter	Position	Path	Description	CWE
dev	query param	/manager/ipconfig_new.php	The 'dev' parameter in the /manager/ipconfig_new.php endpoint is vulnerable to OS command injection.	CWE-78

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

23 May 2024 07:15Current

5.3Medium risk

Vulners AI Score5.3

CVSS25.8

CVSS34.7

CVSS45.1

EPSS0.01501

SSVC

CWE-78