CVE-2024-27121
Severity Score
7.2
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track*
*SSVC
Descriptions
Path traversal vulnerability exists in Machine Automation Controller NJ Series and Machine Automation Controller NX Series. An arbitrary file in the affected product may be accessed or arbitrary code may be executed by processing a specially crafted request sent from a remote attacker with an administrative privilege. As for the details of the affected product names/versions, see the information provided by the vendor under [References] section.
Existe una vulnerabilidad de path traversal en Machine Automation Controller NJ Series and Machine Automation Controller NX Series. Se puede acceder a un archivo arbitrario en el producto afectado o se puede ejecutar código arbitrario procesando una solicitud especialmente manipulada enviada por un atacante remoto con privilegios administrativos. En cuanto a los detalles de los nombres/versiones de los productos afectados, consulte la información proporcionada por el proveedor en la sección [Referencias].
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track*
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2024-02-20 CVE Reserved
- 2024-03-12 CVE Published
- 2024-08-16 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
References (3)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Omron Search vendor "Omron" | Nj101-1000 Firmware Search vendor "Omron" for product "Nj101-1000 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj101-1020 Firmware Search vendor "Omron" for product "Nj101-1020 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj101-9000 Firmware Search vendor "Omron" for product "Nj101-9000 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj101-9020 Firmware Search vendor "Omron" for product "Nj101-9020 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj301-1100 Firmware Search vendor "Omron" for product "Nj301-1100 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj301-1200 Firmware Search vendor "Omron" for product "Nj301-1200 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj501-1300 Firmware Search vendor "Omron" for product "Nj501-1300 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj501-1320 Firmware Search vendor "Omron" for product "Nj501-1320 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj501-1340 Firmware Search vendor "Omron" for product "Nj501-1340 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj501-1400 Firmware Search vendor "Omron" for product "Nj501-1400 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj501-1420 Firmware Search vendor "Omron" for product "Nj501-1420 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj501-1500 Firmware Search vendor "Omron" for product "Nj501-1500 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj501-1520 Firmware Search vendor "Omron" for product "Nj501-1520 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj501-4300 Firmware Search vendor "Omron" for product "Nj501-4300 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj501-4310 Firmware Search vendor "Omron" for product "Nj501-4310 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj501-4320 Firmware Search vendor "Omron" for product "Nj501-4320 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj501-4400 Firmware Search vendor "Omron" for product "Nj501-4400 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj501-4500 Firmware Search vendor "Omron" for product "Nj501-4500 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj501-5300 Firmware Search vendor "Omron" for product "Nj501-5300 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj501-r300 Firmware Search vendor "Omron" for product "Nj501-r300 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj501-r320 Firmware Search vendor "Omron" for product "Nj501-r320 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj501-r400 Firmware Search vendor "Omron" for product "Nj501-r400 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj501-r420 Firmware Search vendor "Omron" for product "Nj501-r420 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj501-r500 Firmware Search vendor "Omron" for product "Nj501-r500 Firmware" | * | - |
Affected
| ||||||
| Omron Search vendor "Omron" | Nj501-r520 Firmware Search vendor "Omron" for product "Nj501-r520 Firmware" | * | - |
Affected
| ||||||