CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-52558 – Planet Technology Planet WGS-804HPT Integer Underflow
https://notcve.org/view.php?id=CVE-2024-52558
06 Dec 2024 — The affected product is vulnerable to an integer underflow. An unauthenticated attacker could send a malformed HTTP request, which could allow the attacker to crash the program. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-340-02 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-52320 – Planet Technology Planet WGS-804HPT Command Injection
https://notcve.org/view.php?id=CVE-2024-52320
06 Dec 2024 — The affected product is vulnerable to a command injection. An unauthenticated attacker could send commands through a malicious HTTP request which could result in remote code execution. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-340-02 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-48871 – Planet Technology Planet WGS-804HPT Stack-based Buffer Overflow
https://notcve.org/view.php?id=CVE-2024-48871
06 Dec 2024 — The affected product is vulnerable to a stack-based buffer overflow. An unauthenticated attacker could send a malicious HTTP request that the webserver fails to properly check input size before copying data to the stack, potentially allowing remote code execution. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-340-02 • CWE-121: Stack-based Buffer Overflow •