How severe is CVE-2024-47485?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2024-47485?

This is classified as CWE-1236, which is a common weakness in software security.

CVE-2024-47485

MEDIUM Year: 2024

CVSS v3 Score

9.8

Critical

Weakness Type

CWE-1236

View all →

Vulnerability Description

There is a CSV injection vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could build malicious data to generate executable commands in the CSV file.

CVE-2018-11652

CRITICAL

CVSS:9.8(Critical)

CSV Injection vulnerability in Nikto 2.1.6 and earlier allows remote attackers to inject arbitrary OS commands via the Server field in an HTTP response header, which is directly injected into a CSV re...

CWE-12362018

CVE-2018-20752

CRITICAL

CVSS:9.8(Critical)

An issue was discovered in Recon-ng before 4.9.5. Lack of validation in the modules/reporting/csv.py file allows CSV injection. More specifically, when a Twitter user possesses an Excel macro for a us...

CWE-12362018

CVE-2018-8092

CRITICAL

CVSS:9.8(Critical)

Mautic before 2.13.0 allows CSV injection.

CWE-12362018

CVE-2019-0403

CRITICAL

CVSS:9.8(Critical)

SAP Enable Now, before version 1911, allows an attacker to input commands into the CSV files, which will be executed when opened, leading to CSV Command Injection.

CWE-12362019