CVE-2024-55513

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Dec 17, 2024

Updated: Dec 18, 2024

CWE ID 22

Summary

CVE-2024-55513 is a newly discovered vulnerability affecting the Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90 models. The flaw resides in the /upload_netaction.php component of the web interface. Attackers can exploit this vulnerability by submitting a specially crafted form with a custom file name, enabling them to upload arbitrary files. If successfully exploited, unauthorized access to server permissions could be gained.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MSG2200
MSG1200
MSG2300
MSG2100E

Affected Vendors

Raisecom Technology Co.,Ltd.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/1T1SoD
https://www.cve.org/CVERecord?id=CVE-2024-55513
https://nvd.nist.gov/vuln/detail/CVE-2024-55513

Back to Vulnerability Database