Lucene search

[email protected]NVD:CVE-2024-24486

HistoryApr 15, 2024 - 7:15 p.m.

CVE-2024-24486

2024-04-1519:15:09

CWE-284

[email protected]

web.nvd.nist.gov

silex technology

ds-600

firmware

remote attacker

edit settings

save eep_data command

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

AI Score

6.5

Confidence

Low

EPSS

Percentile

9.0%

JSON

An issue discovered in silex technology DS-600 Firmware v.1.4.1 allows a remote attacker to edit device settings via the SAVE EEP_DATA command.

References

raw.githubusercontent.com/MostafaSoliman/Security-Advisories/master/CVE-2024-24486

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

AI Score

6.5

Confidence

Low

EPSS

Percentile

9.0%

JSON

Related for NVD:CVE-2024-24486

cve1 vulnrichment1 cvelist1