4 matches found
CVE-2024-21880
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability via the url parameter of an authenticated enpoint in Enphase IQ Gateway formerly known as Enphase allows OS Command Injection.This issue affects Envoy: 4.x = 7.x...
CVE-2024-21880 URL parameter manipulations allows an authenticated attacker to execute arbitrary OS commands in Enphase IQ Gateway version 4.x <= 7.x
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability via the url parameter of an authenticated enpoint in Enphase IQ Gateway formerly known as Enphase allows OS Command Injection.This issue affects Envoy: 4.x = 7.x...
CVE-2024-21880
The CVE-2024-21880 issue affects Enphase IQ Gateway (4.x–7.x). It is an OS command injection via the url parameter of an authenticated endpoint, caused by improper neutralization of special elements. The connected PT security entry (PT-2024-19111) provides remediation guidance: update Enphase IQ ...
CVE-2024-21880 URL parameter manipulations allows an authenticated attacker to execute arbitrary OS commands in Enphase IQ Gateway version 4.x <= 7.x
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability via the url parameter of an authenticated enpoint in Enphase IQ Gateway formerly known as Enphase allows OS Command Injection.This issue affects Envoy: 4.x = 7.x...