CVE-2024-36455
Description
An improper input validation allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request.
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2024-36455? +
How do I check if I'm vulnerable to CVE-2024-36455? +
Related Vulnerabilities
The NASA’s Interplanetary Overlay Network (ION) is an implementation of Delay/Disruption Tolerant Networking (DTN). A vulnerability exists in the version …
Improper initialization in the UEFI firmware for some Intel platforms within Ring 0: Bare Metal OS may allow an information …
The CloudStack integration API service allows running its unauthenticated API server (usually on port 8096 when configured and enabled via …
Memory corruptions can be remotely triggered in the Control-M/Agent when SSL/TLS communication is configured. The issue occurs in the following …
Improper initialization in the Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may …
ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi system, under by default configuration, uses a set …