CVE-2024-25995
CRITICALDescription
An unauthenticated remote attacker can modify configurations to perform a remote code execution, gain root rights or perform an DoS due to improper input validation.
Is your site exposed to CVE-2024-25995?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| phoenixcontact | charx_sec-3000_firmware |
| phoenixcontact | charx_sec-3000 |
| phoenixcontact | charx_sec-3050_firmware |
| phoenixcontact | charx_sec-3050 |
| phoenixcontact | charx_sec-3100_firmware |
| phoenixcontact | charx_sec-3100 |
| phoenixcontact | charx_sec-3150_firmware |
| phoenixcontact | charx_sec-3150 |
References
Frequently Asked Questions
What is CVE-2024-25995? +
How severe is CVE-2024-25995? +
What products are affected by CVE-2024-25995? +
How do I check if I'm vulnerable to CVE-2024-25995? +
Related Vulnerabilities
Zervit's portable HTTP/web server is vulnerable to remote DoS attacks when a configuration reset request is made. The vulnerability is …
A POST request sent to a specific webserver endpoint can be used to write to arbitrary file locations. The endpoint …
Penetration Testing engineers at Amazon have discovered a flaw where the camera system fails to properly handle data supplied in …
A security flaw was found in certain NETGEAR RAX models that could allow a logged-in user to send specially crafted …
A security flaw was discovered in the NETGEAR WAX333 Access Point that could allow someone already logged in and connected …
A security flaw was discovered in certain NETGEAR Nighthawk RAX series routers that could allow someone already logged in to …