3 matches found
CVE-2024-1491
The devices allow access to an unprotected endpoint that allows MPFS file system binary image upload without authentication. The MPFS2 file system module provides a light-weight read-only file system that can be stored in external EEPROM, external serial flash, or internal flash program memory...
CVE-2024-1491 Electrolink FM/DAB/TV Transmitter Missing Authentication for Critical Function
The devices allow access to an unprotected endpoint that allows MPFS file system binary image upload without authentication. The MPFS2 file system module provides a light-weight read-only file system that can be stored in external EEPROM, external serial flash, or internal flash program memory...
CVE-2024-1491
CVE-2024-1491 affects Electrolink FM/DAB/TV Transmitters, where an unauthenticated unprotected endpoint permits MPFS2 file-system binary image uploads. The MPFS2 read-only storage can reside in external EEPROM/flash and backs the HTTP2 web server and other components; exploitation could overwrite...