CVE-2024-31843

MEDIUM Year: 2024
CVSS v3 Score
4.1
Medium
Weakness Type
CWE-78
View all →

Vulnerability Description

An issue was discovered in Italtel Embrace 1.6.4. The Web application does not properly check the parameters sent as input before they are processed on the server side. This allows authenticated users to execute commands on the Operating System.

Related Vulnerabilities

CVE-2019-1770

MEDIUM
CVSS:4.2(Medium)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system wi...

CWE-782019

CVE-2024-26023

MEDIUM
CVSS:4.2(Medium)

OS command injection vulnerability in BUFFALO wireless LAN routers allows a logged-in user to execute arbitrary OS commands.

CWE-782024

CVE-2024-12970

LOW
CVSS:3.9(Low)

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TUBITAK BILGEM Pardus OS My Computer allows OS Command Injection.This issue affects Pardus O...

CWE-782024

CVE-2022-33955

MEDIUM
CVSS:4.3(Medium)

IBM CICS TX 11.1 could allow allow an attacker with physical access to the system to execute code due using a back and refresh attack. IBM X-Force ID: 229312.

CWE-782022

CVE-2022-0841

LOW
CVSS:3.8(Low)

OS Command Injection in GitHub repository ljharb/npm-lockfile in v2.0.3 and v2.0.4.

CWE-782022

CVE-2017-6602

MEDIUM
CVSS:4.4(Medium)

A vulnerability in the CLI of Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an auth...

CWE-782017