CVSS: 7.2EPSS: %CPEs: 3EXPL: 0CVE-2024-50367
https://notcve.org/view.php?id=CVE-2024-50367
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3), EKI-6333AC-2GD (<= v1.6.3) and EKI-6333AC-1GPO (<= v1.2.1). The source of the vulnerability relies on multiple parameters belonging to the "sta_log_htm" API which are not properly sanitized before being concatenated to OS level commands. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-50367 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2EPSS: %CPEs: 3EXPL: 0CVE-2024-50366
https://notcve.org/view.php?id=CVE-2024-50366
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3), EKI-6333AC-2GD (<= v1.6.3) and EKI-6333AC-1GPO (<= v1.2.1). The source of the vulnerability relies on multiple parameters belonging to the "applications_apply" API which are not properly sanitized before being concatenated to OS level commands. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-50366 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2EPSS: %CPEs: 3EXPL: 0CVE-2024-50365
https://notcve.org/view.php?id=CVE-2024-50365
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3), EKI-6333AC-2GD (<= v1.6.3) and EKI-6333AC-1GPO (<= v1.2.1). The source of the vulnerability relies on multiple parameters belonging to the "lan_apply" API which are not properly sanitized before being concatenated to OS level commands. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-50365 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2EPSS: %CPEs: 3EXPL: 0CVE-2024-50364
https://notcve.org/view.php?id=CVE-2024-50364
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3), EKI-6333AC-2GD (<= v1.6.3) and EKI-6333AC-1GPO (<= v1.2.1). The source of the vulnerability relies on multiple parameters belonging to the "export_log" API which are not properly sanitized before being concatenated to OS level commands. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-50364 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2EPSS: %CPEs: 3EXPL: 0CVE-2024-50363
https://notcve.org/view.php?id=CVE-2024-50363
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3), EKI-6333AC-2GD (<= v1.6.3) and EKI-6333AC-1GPO (<= v1.2.1). The source of the vulnerability relies on multiple parameters belonging to the "mp_apply" API which are not properly sanitized before being concatenated to OS level commands. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-50363 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •