CVE-2024-52781
CRITICALDescription
DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are vulnerable to Remote Code Execution via /function/system/tool/traceroute.php.
Is your site exposed to CVE-2024-52781?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Affected Products
| Vendor | Product |
|---|---|
| dcnetworks | dcme-720_firmware |
| dcnetworks | dcme-720 |
| dcnetworks | dcme-320-l_firmware |
| dcnetworks | dcme-320-l |
| dcnetworks | dcme-320_firmware |
| dcnetworks | dcme-320 |
| dcnetworks | dcme-520_firmware |
| dcnetworks | dcme-520 |
References
Frequently Asked Questions
What is CVE-2024-52781? +
How severe is CVE-2024-52781? +
What products are affected by CVE-2024-52781? +
How do I check if I'm vulnerable to CVE-2024-52781? +
Related Vulnerabilities
DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are vulnerable to Remote Code Execution via /function/audit/newstatistics/mon_stat_hist_new.php.
An issue in DCME-320-L <=9.3.2.114 allows a remote attacker to execute arbitrary code via the log_u_umount.php component.
DCME-320 v7.4.12.90 was discovered to contain a command injection vulnerability.
DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L, <=9.3.5.26, and DCME-720 <=9.1.5.11 are vulnerable to Remote Code Execution via /function/system/basic/license_update.php.
DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are vulnerable to Remote Code Execution via /function/audit/newstatistics/mon_stat_hist.php.
DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are vulnerable to Remote Code Execution via /function/audit/newstatistics/mon_stat_top10.php.