CVE-2024-8457

Summary

CVE-2024-8457 is a newly disclosed vulnerability affecting certain switch models from PLANET Technology. This issue permits remote authenticated users with administrator privileges to inject malicious JavaScript code through unvalidated parameters in the web application. Consequently, attackers can carry out Stored XSS (Cross-Site Scripting) attacks, potentially stealing sensitive data or gaining unauthorized access to the affected system. By exploiting this vulnerability, hackers can manipulate the web interface and execute malicious scripts on unsuspecting users, posing a significant risk to the security and integrity of the network. To mitigate this threat, it is recommended that affected organizations apply the necessary patches or updates to their switch software as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.