CVE-2024-25552 Wiesemann & Theis: Multiple products prone to unquoted search path

🗓️ 01 Mar 2024 07:49:41Reported by CERTVDEType

Local attacker privilege escalation via unquoted search path

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2024-25552	1 Mar 202409:26	–	circl
CNNVD	Wiesemann & Theis Com Redirector Legacy Security Vulnerability	1 Mar 202400:00	–	cnnvd
CVE	CVE-2024-25552	1 Mar 202407:49	–	cve
EUVD	EUVD-2024-22880	3 Oct 202520:07	–	euvd
NVD	CVE-2024-25552	1 Mar 202408:15	–	nvd
Prion	Path traversal	1 Mar 202408:15	–	prion
Positive Technologies	PT-2024-21000 · W&T +1 · Com Redirector Legacy +5	1 Mar 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-25552	5 Feb 202513:09	–	redhatcve
Vulnrichment	CVE-2024-25552 Wiesemann & Theis: Multiple products prone to unquoted search path	1 Mar 202407:49	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "Com Redirector PnP",
    "vendor": "W&T",
    "versions": [
      {
        "status": "affected",
        "version": "4.42"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Com Redirector Legacy",
    "vendor": "W&T",
    "versions": [
      {
        "status": "affected",
        "version": "3.93"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "OPC-Server",
    "vendor": "W&T",
    "versions": [
      {
        "status": "affected",
        "version": "4.88"
      }
    ]
  }
]

Source	Link
cert	www.cert.vde.com/en/advisories/VDE-2024-018

07 Mar 2024 08:47Current

8.5High risk

Vulners AI Score8.5

CVSS 3.17.8

EPSS0.00029

CWE-428