CVE-2024-50960

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Apr 15, 2025

Updated: Apr 25, 2025

CWE ID 94

Summary

CVE-2024-50960 is a command injection vulnerability affecting select Extron products, including the SMP 111 (version 3.01 and below), SMP 351 (version 2.16 and below), SMP 352 (version 2.16 and below), and SME 211 (version 3.02 and below). This issue resides in the Nmap diagnostic tool in the admin web console. A successful exploit allows a remote, authenticated attacker to execute arbitrary commands with root privileges on the underlying operating system. This poses a significant risk to system security and requires immediate attention, as it can lead to unauthorized access, data theft, and other malicious activities. To mitigate this risk, users are advised to update their affected Extron devices to the latest, non-vulnerable versions as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners

CVE-2024-50960

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations