CVE-2024-26260
CVSS V2 None
CVSS V3 None
Description
The functionality for synchronization in HGiga OAKlouds' certain moudules has an OS Command Injection vulnerability, allowing remote attackers to inject system commands within specific request parameters. This enables the execution of arbitrary code on the remote server without permission.
Overview
- CVE ID
- CVE-2024-26260
- Assigner
- twcert
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-02-15T02:18:34.668Z
- Last Modified Date
- 2024-02-15T02:18:34.668Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.twcert.org.tw/tw/cp-132-7673-688b7-1.html | third-party-advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-26260 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26260 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-26 01:06:34 | Added to TrackCVE |