HIGH🇵🇱 Wersja polska

CVE-2024-42427

CVSS 7.6v3.1pub. 2024-09-10upd. 2024-12-20

Dell ThinOS versions 2402 and 2405, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of privileges.

CVSS Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Dell Wyse Thinos

    OS
    Dell
    9.5.10799.5.2109
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2020-29492CRITICAL10.0ten sam produkt

Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unau...

CVE-2020-29491CRITICAL10.0ten sam produkt

Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unau...

CVE-2021-21597HIGH7.2ten sam produkt

Dell Wyse ThinOS, version 9.0, contains a Sensitive Information Disclosure Vulnerability. An authenticated mal...

CVE-2023-32455MEDIUM5.5ten sam produkt

Dell Wyse ThinOS versions prior to 2208 (9.3.2102) contain a sensitive information disclosure vulnerability. ...

CVE-2023-32446MEDIUM5.5ten sam produkt

Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive information disclosure vulnerability. ...