How severe is CVE-2024-10193?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 7.2 out of 10.

What type of vulnerability is CVE-2024-10193?

This is classified as CWE-77, which is a common weakness in software security.

CVE-2024-10193 - MEDIUM Severity | CVSS 7.2

Vulnerability Description

A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028 and classified as critical. This issue affects the function ping_ddns of the file internet.cgi. The manipulation of the argument DDNS leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2015-4046

HIGH

CVSS:7.2(High)

The asset discovery scanner in AlienVault OSSIM before 5.0.1 allows remote authenticated users to execute arbitrary commands via the assets array parameter to netscan/do_scan.php.

CWE-772015

CVE-2016-6656

HIGH

CVSS:7.2(High)

An issue was discovered in Pivotal Greenplum before 4.3.10.0. Creation of external tables using GPHDFS protocol has a vulnerability whereby arbitrary commands can be injected into the system. In order...

CWE-772016

CVE-2016-8801

HIGH

CVSS:7.2(High)

Huawei OceanStor 5600 V3 with V300R003C00C10 and earlier versions allows attackers with administrator privilege to inject a command into a specific command's parameters, and run this injected command ...

CWE-772016

CVE-2016-9553

HIGH

CVSS:7.2(High)

The Sophos Web Appliance (version 4.2.1.3) is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php (/...

CWE-772016

CVE-2016-9554

HIGH

CVSS:7.2(High)

The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur...

CWE-772016

CVE-2017-12075

HIGH

CVSS:7.2(High)

Command injection vulnerability in EZ-Internet in Synology DiskStation Manager (DSM) before 6.2-23739 allows remote authenticated users to execute arbitrary command via the username parameter.

CWE-772017