Vulnerability Details CVE-2024-23811
A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected application allows users to upload arbitrary files via TFTP. This could allow an attacker to upload malicious firmware images or other files, that could potentially lead to remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.015
EPSS Ranking 80.9%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2024-23811
-
cpe:2.3:a:siemens:sinec_nms:-
-
cpe:2.3:a:siemens:sinec_nms:1.0
-
cpe:2.3:a:siemens:sinec_nms:1.0.3
-
cpe:2.3:a:siemens:sinec_nms:2.0