CVSS: 7.2EPSS: %CPEs: 3EXPL: 0CVE-2024-50362
https://notcve.org/view.php?id=CVE-2024-50362
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3), EKI-6333AC-2GD (<= v1.6.3) and EKI-6333AC-1GPO (<= v1.2.1). The source of the vulnerability relies on multiple parameters belonging to the "connection_profile_apply" API which are not properly sanitized before being concatenated to OS level commands. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-50362 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2EPSS: %CPEs: 3EXPL: 0CVE-2024-50361
https://notcve.org/view.php?id=CVE-2024-50361
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3), EKI-6333AC-2GD (<= v1.6.3) and EKI-6333AC-1GPO (<= v1.2.1). The source of the vulnerability relies on multiple parameters belonging to the "certificate_file_remove" API which are not properly sanitized before being concatenated to OS level commands. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-50361 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2EPSS: %CPEs: 3EXPL: 0CVE-2024-50360
https://notcve.org/view.php?id=CVE-2024-50360
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3), EKI-6333AC-2GD (<= v1.6.3) and EKI-6333AC-1GPO (<= v1.2.1). The source of the vulnerability relies on multiple parameters belonging to the "snmp_apply" API which are not properly sanitized before being concatenated to OS level commands. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-50360 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2EPSS: %CPEs: 3EXPL: 0CVE-2024-50359
https://notcve.org/view.php?id=CVE-2024-50359
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3), EKI-6333AC-2GD (<= v1.6.3) and EKI-6333AC-1GPO (<= v1.2.1). The source of the vulnerability relies on multiple parameters belonging to the "scan_ap" API which are not properly sanitized before being concatenated to OS level commands. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-50359 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2EPSS: %CPEs: 3EXPL: 0CVE-2024-50358
https://notcve.org/view.php?id=CVE-2024-50358
A CWE-15 "External Control of System or Configuration Setting" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3), EKI-6333AC-2GD (<= v1.6.3) and EKI-6333AC-1GPO (<= v1.2.1). The vulnerability can be exploited by authenticated users by restoring a tampered configuration backup. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-50358 • CWE-15: External Control of System or Configuration Setting •