CVE-2024-3781

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Apr 15, 2024

CWE ID 78

Summary

CVE-2024-3781 is a command injection vulnerability impacting WBSAirback 21.02.04. The flaw lies in the Active Directory integration of the operating system, where special elements are not adequately neutralized. As a result, an attacker can manipulate intended commands sent to a downstream component, potentially leading to unauthorized execution of malicious code. This vulnerability poses a serious risk, as successful exploitation could grant attackers control over affected systems. Organizations are urged to apply patches or mitigations promptly to protect against potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vZfQXd
https://www.cve.org/CVERecord?id=CVE-2024-3781
https://nvd.nist.gov/vuln/detail/CVE-2024-3781

Back to Vulnerability Database

CVE-2024-3781

CVSS 3.1 Score 9.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations