CVE-2024-6298

🗓️ 05 Jul 2024 11:06:35Reported by ABBType

cve🔗 web.nvd.nist.gov👁 80 Views🌐 WEB

Improper Input Validation vulnerability in ABB ASPECT-Enterprise, NEXUS, and MATRIX on Linux allowing Remote Code Inclusio

Reporter	Title	Published	Views	Family All 16
0day.today	ABB Cylon Aspect 3.08.01 Remote Code Execution Vulnerability	24 Sep 202400:00	–	zdt
BDU FSTEC	The vulnerability of the uploadFile() function in the bigUpload.php script of the ASPECT Enterprise, NEXUS Series, and MATRIX Series embedded network controller software allows a intruder to gain unauthorized access to the device, write arbitrary files, and execute any code they desire.	9 Oct 202400:00	–	bdu_fstec
Circl	CVE-2024-6298	5 Jul 202414:09	–	circl
CNNVD	ABB ASPECT Input Validation Error Vulnerability	5 Jul 202400:00	–	cnnvd
Cvelist	CVE-2024-6298 remote code execution	5 Jul 202411:06	–	cvelist
Exploit DB	ABB Cylon Aspect 3.08.01 - Remote Code Execution (RCE)	2 Apr 202500:00	–	exploitdb
EUVD	EUVD-2024-47993	5 Jul 202411:06	–	euvd
NCSC	Vulnerabilities fixed in ABB ASPECT, NEXUS Series and MATRIX Series	6 Dec 202411:49	–	ncsc
NVD	CVE-2024-6298	5 Jul 202411:15	–	nvd
OSV	CVE-2024-6298	5 Jul 202411:15	–	osv

NVD

Node

abb aspect-ent-12_firmwareRange≤3.08.01

AND

abb aspect-ent-12Match-

Node

abb aspect-ent-2_firmwareRange≤3.08.01

AND

abb aspect-ent-2Match-

Node

abb aspect-ent-256_firmwareRange≤3.08.01

AND

abb aspect-ent-256Match-

Node

abb aspect-ent-96_firmwareRange≤3.08.01

AND

abb aspect-ent-96Match-

Node

abb nexus-2128_firmwareRange≤3.08.01

AND

abb nexus-2128Match-

Node

abb nexus-2128-a_firmwareRange≤3.08.01

AND

abb nexus-2128-aMatch-

Node

abb nexus-2128-f_firmwareRange≤3.08.01

AND

abb nexus-2128-fMatch-

Node

abb nexus-2128-g_firmwareRange≤3.08.01

AND

abb nexus-2128-gMatch-

Node

abb nexus-264_firmwareRange≤3.08.01

AND

abb nexus-264Match-

Node

abb nexus-264-a_firmwareRange≤3.08.01

AND

abb nexus-264-aMatch-

Node

abb nexus-264-f_firmwareRange≤3.08.01

AND

abb nexus-264-fMatch-

Node

abb nexus-264-g_firmwareRange≤3.08.01

AND

abb nexus-264-gMatch-

Node

abb nexus-3-2128_firmwareRange≤3.08.01

AND

abb nexus-3-2128Match-

Node

abb nexus-3-264_firmwareRange≤3.08.01

AND

abb nexus-3-264Match-

Node

abb matrix-11_firmwareRange≤3.08.01

AND

abb matrix-11Match-

Node

abb matrix-216_firmwareRange≤3.08.01

AND

abb matrix-216Match-

Node

abb matrix-232_firmwareRange≤3.08.01

AND

abb matrix-232Match-

Node

abb matrix-264_firmwareRange≤3.08.01

AND

abb matrix-264Match-

Node

abb matrix-296_firmwareRange≤3.08.01

AND

abb matrix-296Match-

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "ASPECT-Enterprise",
    "vendor": "ABB",
    "versions": [
      {
        "lessThanOrEqual": "3.08.01",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "NEXUS Series",
    "vendor": "ABB",
    "versions": [
      {
        "lessThanOrEqual": "3.08.01",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "MATRIX Series",
    "vendor": "ABB",
    "versions": [
      {
        "lessThanOrEqual": "3.08.01",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
search	www.search.abb.com/library/Download.aspx
search	www.search.abb.com/library/Download.aspx

Parameter	Position	Path	Description	CWE
action	request body	192.168.73.31/bigUpload.php?action=upload&key=251	Remote code execution via arbitrary file write in bigUpload.php using unvalidated raw POST data (php://input) with directory traversal via improper path sanitization.	CWE-1287
key	request body	192.168.73.31/bigUpload.php?action=upload&key=251	Remote code execution via arbitrary file write in bigUpload.php using unvalidated raw POST data (php://input) with directory traversal via improper path sanitization.	CWE-1287
data	request body	192.168.73.31/bigUpload.php?action=upload&key=251	Remote code execution via arbitrary file write in bigUpload.php using unvalidated raw POST data (php://input) with directory traversal via improper path sanitization.	CWE-1287
action	request body	192.168.73.31/bigUpload.php?action=finish	Triggering the finalization step can be used to complete a malicious file write to an executable directory (path traversal via name parameter).	CWE-1287
key	request body	192.168.73.31/bigUpload.php?action=finish	Triggering the finalization step can be used to complete a malicious file write to an executable directory (path traversal via name parameter).	CWE-1287
name	request body	192.168.73.31/bigUpload.php?action=finish	Triggering the finalization step can be used to complete a malicious file write to an executable directory (path traversal via name parameter).	CWE-1287
j	query param	192.168.73.31/ZSL.php?j=id	Snippet demonstrating remote command execution via URL parameter (id) after payload upload.	CWE-1287

17 Jun 2026 08:17Current

9.7High risk

Vulners AI Score9.7

CVSS 3.19.8 - 10

CVSS 49.4

EPSS0.1901

SSVC

CWE-1287