CVE-2024-9166
CVSS V2 None
CVSS V3 None
Description
The device enables an unauthorized attacker to execute system commands with elevated privileges. This exploit is facilitated through the use of the 'getcommand' query within the application, allowing the attacker to gain root access.
Overview
- CVE ID
- CVE-2024-9166
- Assigner
- icscert
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-09-26T16:55:51.242Z
- Last Modified Date
- 2024-09-26T18:23:52.328Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-03 | government-resource |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-9166 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9166 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-10-06 14:05:56 | Added to TrackCVE |