2 matches found
CVE-2024-13871 Unauthenticated Command Injection in Bitdefender BOX v1
A command injection vulnerability exists in the /checkimageandtriggerrecovery API endpoint of Bitdefender Box 1 firmware version 1.3.11.490. This flaw allows an unauthenticated, network-adjacent attacker to execute arbitrary commands on the device, potentially leading to full remote code executio...
CVE-2024-13871 Unauthenticated Command Injection in Bitdefender BOX v1
A command injection vulnerability exists in the /checkimageandtriggerrecovery API endpoint of Bitdefender Box 1 firmware version 1.3.11.490. This flaw allows an unauthenticated, network-adjacent attacker to execute arbitrary commands on the device, potentially leading to full remote code executio...