7 matches found
ORing IAP-420 2.01e Cross Site Scripting / Command Injection Vulnerabilities
------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| ORing IAP-420 vulnerable version| 2.01e fixed version| - CVE number| CVE-2024-5410, CVE-2024-5411 impact| High homepage| https://oringnet.com/ found| 2024-01-19 by| T. Weber...
ORing IAP-420 2.01e Cross Site Scripting / Command Injection
CyberDanube Security Research 20240528-0 ------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| ORing IAP-420 vulnerable version| 2.01e fixed version| - CVE number| CVE-2024-5410, CVE-2024-5411 impact| High homepage|...
CVE-2024-5411
creationtimestamp| type| source ---|---|--- 2024-05-28 13:37:59+00:00| seen| https://t.me/HackingInsights/1004 2025-02-13 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-15...
CVE-2024-5411
Missing input validation and OS command integration of the input in the ORing IAP-420 web-interface allows authenticated command injection.This issue affects IAP-420 version 2.01e and below...
CVE-2024-5411 Command Injection
Missing input validation and OS command integration of the input in the ORing IAP-420 web-interface allows authenticated command injection.This issue affects IAP-420 version 2.01e and below...
CVE-2024-5411 Command Injection
Missing input validation and OS command integration of the input in the ORing IAP-420 web-interface allows authenticated command injection.This issue affects IAP-420 version 2.01e and below...
CVE-2024-5411
Summary: CVE-2024-5411 affects ORing IAP-420 web interface (version 2.01e and earlier). The root cause is missing input validation and OS command integration of user input, enabling authenticated command injection and potentially full device compromise. Exploitation requires authentication to the...