1 results (0.006 seconds)
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42905
https://notcve.org/view.php?id=CVE-2024-42905
28 Aug 2024 — Beijing Digital China Cloud Technology Co., Ltd. DCME-320 v.7.4.12.60 has a command execution vulnerability, which can be exploited to obtain device administrator privileges via the getVar function in the code/function/system/tool/ping.php file. • https://github.com/ZackSecurity/VulnerReport/blob/cve/DCN/1.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •