Lucene search
CVE-2024-5672
ποΈΒ 03 Jul 2024Β 13:03:15Reported byΒ CERTVDETypeΒ 
Β cveπΒ web.nvd.nist.govπΒ 40Β Viewsπ WEB
Vulnerability for remote code execution via GET requests
Show more
| Reporter | Title | Published | Views | Family All 5 |
|---|---|---|---|---|
 | CVE-2024-5672 Red Lion Europe: mbNET.mini vulnerable to OS command injection | 3 Jul 202412:26 | β | cvelist |
 | CVE-2024-5672 Red Lion Europe: mbNET.mini vulnerable to OS command injection | 3 Jul 202412:26 | β | vulnrichment |
 | CVE-2024-5672 | 3 Jul 202413:15 | β | nvd |
 | CVE-2024-5672 | 5 Feb 202506:18 | β | redhatcve |
 | Helmholz Industrial Router REX100 / MBConnectline mbNET.mini 2.2.11 Command Injection | 4 Jul 202400:00 | β | packetstorm |
[
{
"defaultStatus": "unaffected",
"product": "mbNET.mini",
"vendor": "Red Lion Europe",
"versions": [
{
"lessThanOrEqual": "2.2.11",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "REX 100",
"vendor": "Helmholz",
"versions": [
{
"lessThanOrEqual": "2.2.11",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| root:password | request body | /cgi-bin/ping;echo$IFS'root:password'|chpasswd;ps;.sh | Authenticated command injection allowing arbitrary command execution via GET request. | CWE-78 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactΒ us for a demo andΒ discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo03 Jul 2024 13:15Current
6.9Medium risk
Vulners AI Score6.9
CVSS37.2
EPSS0.00373
SSVC