CVE-2024-31843

1976-01-0100:00:00

mitre

github.com

AI Score

7.1

Confidence

High

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

An issue was discovered in Italtel Embrace 1.6.4. The Web application does not properly check the parameters sent as input before they are processed on the server side. This allows authenticated users to execute commands on the Operating System.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:italtel:embrace:1.6.4:*:*:*:*:*:*:*"
    ],
    "vendor": "italtel",
    "product": "embrace",
    "versions": [
      {
        "status": "affected",
        "version": "1.6.4"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

www.gruppotim.it/it/footer/red-team.html