CVE-2024-7728
CVSS V2 None
CVSS V3 None
Description
The specific CGI of the CAYIN Technology CMS does not properly validate user input, allowing a remote attacker with administrator privileges to inject OS commands into the specific parameter and execute them on the remote server.
Overview
- CVE ID
- CVE-2024-7728
- Assigner
- twcert
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-08-14T03:26:50.771Z
- Last Modified Date
- 2024-08-14T03:53:12.781Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://www.twcert.org.tw/en/cp-139-8002-b6167-2.html | third-party-advisory |
https://www.twcert.org.tw/tw/cp-132-8001-8416d-1.html | third-party-advisory |
https://resource1.cayintech.com/patch/ | patch |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-7728 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7728 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-08-14 13:08:28 | Added to TrackCVE |