CVE-2024-47944
MEDIUMDescription
The device directly executes .patch firmware upgrade files on a USB stick without any prior authentication in the admin interface. This leads to an unauthenticated code execution via the firmware upgrade function.
Is your site exposed to CVE-2024-47944?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2024-47944? +
How severe is CVE-2024-47944? +
How do I check if I'm vulnerable to CVE-2024-47944? +
Related Vulnerabilities
Panasonic IR Control Hub (IR Blaster) versions 1.17 and earlier may allow an attacker with physical access to load unauthorized …
An attacker can use an undocumented UART port on the PCB as a side-channel to get root access e.g. with …
A serial interface can be accessed with physical access to the PCB of Wattsense Bridge devices. After connecting to the …
IBM FlashSystem 5300 USB ports may be usable even if the port has been disabled by the administrator. A user …