GovTech CSGCVELIST:CVE-2024-4225CVE-2024-4225 NGDIN_ST v2.0D.0062 - Multiple Vulnerabilities
7.6 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
8 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Multiple security vulnerabilities has been discovered in web interface of NetGuardian DIN Remote Telemetry Unit (RTU), by DPS Telecom. Attackers can exploit those security vulnerabilities to perform critical actions such as escalate userβs privilege, steal userβs credential, Cross Site Scripting (XSS) and Cross-Site Request Forgery (CSRF).
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "NetGuardian DIN Remote Telemetry Unit (RTU)",
"vendor": "DPS Telecom",
"versions": [
{
"status": "affected",
"version": "NGDIN_ST App v2.0D.0062"
}
]
}
]
7.6 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
8 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%