How severe is CVE-2024-7578?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2024-7578?

This is classified as CWE-285, which is a common weakness in software security.

CVE-2024-7578 - MEDIUM Severity | CVSS 9.8

Vulnerability Description

A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been classified as critical. Affected is an unknown function of the file /var/www/cmd.php. The manipulation of the argument cmd leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2015-3954

CRITICAL

CVSS:9.8(Critical)

Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior give unauthenticated users root privileges o...

CWE-2852015

CVE-2015-5463

CRITICAL

CVSS:9.8(Critical)

AxiomSL's Axiom java applet module (used for editing uploaded Excel files and associated Java RMI services) 9.5.3 and earlier allows remote attackers to (1) access data of other basic users through ar...

CWE-2852015

CVE-2016-0922

CRITICAL

CVSS:9.8(Critical)

EMC ViPR SRM before 3.7.2 does not restrict the number of password-authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force guessing attack.

CWE-2852016

CVE-2016-10734

CRITICAL

CVSS:9.8(Critical)

ProjectSend (formerly cFTP) r582 allows Insecure Direct Object Reference via includes/actions.log.export.php.

CWE-2852016

CVE-2016-5799

CRITICAL

CVSS:9.8(Critical)

Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 do not properly restrict authentication attempts, which makes it easier for remote attackers to obtain acce...

CWE-2852016

CVE-2016-6825

CRITICAL

CVSS:9.8(Critical)

Huawei XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610, RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC6...

CWE-2852016