MEDIUM🇵🇱 Wersja polska

CVE-2024-5194

CVSS 5.1v4.0pub. 2024-05-22upd. 2025-10-14

A vulnerability was found in Arris VAP2500 08.50. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /assoc_table.php. The manipulation of the argument id leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-265831.

CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Arris Vap2500

    HW
    Arris
    wszystkie wersje
  • Arris Vap2500 Firmware

    OS
    Arris
    08.50
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2014-8423HIGH10.0ten sam produkt

Unspecified vulnerability in the management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to ...

CVE-2014-8424HIGH7.8ten sam produkt

ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote attackers to bypass aut...

CVE-2014-8425HIGH7.8ten sam produkt

The management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to obtain credentials by reading...

CVE-2024-5195MEDIUM5.1ten sam produkt

A vulnerability was found in Arris VAP2500 08.50. It has been rated as critical. Affected by this issue is som...

CVE-2024-5196MEDIUM5.1ten sam produkt

A vulnerability classified as critical has been found in Arris VAP2500 08.50. This affects an unknown part of ...