CVE-2024-28811

LOW Year: 2024
CVSS v3 Score
3.3
Low
Weakness Type
CWE-94
View all →

Vulnerability Description

An issue was discovered in Infinera hiT 7300 5.60.50. A web application allows a remote privileged attacker to execute applications contained in a specific OS directory via HTTP invocations.

Related Vulnerabilities

CVE-2022-22270

LOW
CVSS:3.3(Low)

An implicit Intent hijacking vulnerability in Dialer prior to SMR Jan-2022 Release 1 allows unprivileged applications to access contact information.

CWE-942022

CVE-2022-23434

LOW
CVSS:3.3(Low)

A vulnerability using PendingIntent in Bixby Vision prior to versions 3.7.60.8 in Android S(12), 3.7.50.6 in Andorid R(11) and below allows attackers to execute privileged action by hijacking and modi...

CWE-942022

CVE-2022-33725

LOW
CVSS:3.3(Low)

A vulnerability using PendingIntent in Knox VPN prior to SMR Aug-2022 Release 1 allows attackers to access content providers with system privilege.

CWE-942022

CVE-2023-33229

LOW
CVSS:3.5(Low)

The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform account to append URL paramet...

CWE-942023

CVE-2024-21832

LOW
CVSS:3.5(Low)

A potential JSON injection attack vector exists in PingFederate REST API data stores using the POST method and a JSON request body.

CWE-942024

CVE-2024-22123

LOW
CVSS:2.7(Low)

Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another file, e.g. log file and zabbix_server wil...

CWE-942024