Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistJpcertCVELIST:CVE-2024-41889
HistoryAug 05, 2024 - 4:36 a.m.

CVE-2024-41889

2024-08-0504:36:27
jpcert
www.cve.org
5
pimax products
websocket connections
arbitrary code execution
unintended endpoints
remote unauthenticated attacker

EPSS

0.001

Percentile

28.0%

JSON

Multiple Pimax products accept WebSocket connections from unintended endpoints. If this vulnerability is exploited, arbitrary code may be executed by a remote unauthenticated attacker.

CNA Affected

[
  {
    "vendor": "Pimax",
    "product": "Pimax Play",
    "versions": [
      {
        "version": "prior to V1.21.01",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Pimax",
    "product": "PiTool",
    "versions": [
      {
        "version": "all versions",
        "status": "affected"
      }
    ]
  }
]

Related

vulnrichment 1
nvd 1
jvn 1
cve 1
vulnrichment
vulnrichment
CVE-2024-41889
2024-08-05 04:36:27
nvd
nvd
CVE-2024-41889
2024-08-05 05:15:39
jvn
jvn
JVN#50850706: Pimax Play and PiTool accept WebSocket connections from unintended endpoints
2024-08-05 00:00:00
cve
cve
CVE-2024-41889
2024-08-05 05:15:39

EPSS

0.001

Percentile

28.0%

JSON
Related for CVELIST:CVE-2024-41889
vulnrichment1nvd1jvn1cve1