CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-1015 – Remote command execution vulnerability in SE-elektronic GmbH E-DDC3.3
https://notcve.org/view.php?id=CVE-2024-1015
Remote command execution vulnerability in SE-elektronic GmbH E-DDC3.3 affecting versions 03.07.03 and higher. An attacker could send different commands from the operating system to the system via the web configuration functionality of the device. Vulnerabilidad de ejecución remota de comandos en SE-elektronic GmbH E-DDC3.3 que afecta a las versiones 03.07.03 y superiores. Un atacante podría enviar diferentes comandos desde el sistema operativo al sistema a través de la funcionalidad de configuración web del dispositivo. • https://www.hackplayers.com/2024/01/cve-2024-1014-and-cve-2024-1015.html https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-se-elektronic-gmbh-products • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2024-1014 – Uncontrolled resource consumption vulnerability in SE-elektronic GmbH E-DDC3.3
https://notcve.org/view.php?id=CVE-2024-1014
Uncontrolled resource consumption vulnerability in SE-elektronic GmbH E-DDC3.3 affecting versions 03.07.03 and higher. An attacker could interrupt the availability of the administration panel by sending multiple ICMP packets. Vulnerabilidad de consumo descontrolado de recursos en SE-elektronic GmbH E-DDC3.3 que afecta a las versiones 03.07.03 y superiores. Un atacante podría interrumpir la disponibilidad del panel de administración enviando múltiples paquetes ICMP. • https://www.hackplayers.com/2024/01/cve-2024-1014-and-cve-2024-1015.html https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-se-elektronic-gmbh-products • CWE-400: Uncontrolled Resource Consumption •