CVE-2024-0714 MiczFlor RPi-Jukebox-RFID HTTP Request userScripts.php os command injection

🗓️ 19 Jan 2024 14:31:04Reported by VulDBType

Critical os command injection vulnerability in MiczFlor RPi-Jukebox-RFID

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2024-0714	15 Feb 202408:11	–	circl
CNNVD	RPi-Jukebox-RFID Security Vulnerability	19 Jan 202400:00	–	cnnvd
CVE	CVE-2024-0714	19 Jan 202414:31	–	cve
EUVD	EUVD-2024-16504	3 Oct 202520:07	–	euvd
NVD	CVE-2024-0714	19 Jan 202415:15	–	nvd
Prion	Command injection	19 Jan 202415:15	–	prion
Positive Technologies	PT-2024-15775 · Unknown · Miczflor Rpi-Jukebox-Rfid	19 Jan 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-0714	23 May 202507:24	–	redhatcve
Vulnrichment	CVE-2024-0714 MiczFlor RPi-Jukebox-RFID HTTP Request userScripts.php os command injection	19 Jan 202414:31	–	vulnrichment

[
  {
    "vendor": "MiczFlor",
    "product": "RPi-Jukebox-RFID",
    "versions": [
      {
        "version": "2.0",
        "status": "affected"
      },
      {
        "version": "2.1",
        "status": "affected"
      },
      {
        "version": "2.2",
        "status": "affected"
      },
      {
        "version": "2.3",
        "status": "affected"
      },
      {
        "version": "2.4",
        "status": "affected"
      },
      {
        "version": "2.5",
        "status": "affected"
      }
    ],
    "modules": [
      "HTTP Request Handler"
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/

19 Jan 2024 14:31Current

10High risk

Vulners AI Score10

CVSS 3.16.3

CVSS 36.3

CVSS 26.5

EPSS0.00964

CWE-78