HIGH🇬🇧 English

CVE-2024-42427

CVSS 7.6v3.1pub. 2024-09-10upd. 2024-12-20

Dell ThinOS versions 2402 and 2405, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of privileges.

oryginał EN
CVSS Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Dell Wyse Thinos

    OS
    Dell
    9.5.10799.5.2109
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2020-29492CRITICAL10.0ten sam produkt

Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unau...

CVE-2020-29491CRITICAL10.0ten sam produkt

Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unau...

CVE-2021-21597HIGH7.2ten sam produkt

Dell Wyse ThinOS, version 9.0, contains a Sensitive Information Disclosure Vulnerability. An authenticated mal...

CVE-2023-32455MEDIUM5.5ten sam produkt

Dell Wyse ThinOS versions prior to 2208 (9.3.2102) contain a sensitive information disclosure vulnerability. ...

CVE-2023-32446MEDIUM5.5ten sam produkt

Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive information disclosure vulnerability. ...