CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-41153

Command injection vulnerability in the Edge Computing UI for the TRO600 series radios that allows for the execution of arbitrary system commands. If exploited, an attacker with write access to the web UI can execute commands on the device with root privileges, far more extensive than what the write privilege intends.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.6%

CVSS Severity

CVSS v3 Score 7.2

References

https://publisher.hitachienergy.com/preview?DocumentID=8DBD000147&LanguageCode=en&DocumentPartId=&Action=launch

Products affected by CVE-2024-41153

Hitachienergy » Tro610 » Version: N/A

cpe:2.3:h:hitachienergy:tro610:-
Hitachienergy » Tro620 » Version: N/A

cpe:2.3:h:hitachienergy:tro620:-
Hitachienergy » Tro670 » Version: N/A

cpe:2.3:h:hitachienergy:tro670:-
Hitachienergy » Tro610 Firmware » Version: 9.1.0.0

cpe:2.3:o:hitachienergy:tro610_firmware:9.1.0.0
Hitachienergy » Tro610 Firmware » Version: 9.2.0.0

cpe:2.3:o:hitachienergy:tro610_firmware:9.2.0.0
Hitachienergy » Tro620 Firmware » Version: 9.1.0.0

cpe:2.3:o:hitachienergy:tro620_firmware:9.1.0.0
Hitachienergy » Tro620 Firmware » Version: 9.2.0.0

cpe:2.3:o:hitachienergy:tro620_firmware:9.2.0.0
Hitachienergy » Tro670 Firmware » Version: 9.1.0.0

cpe:2.3:o:hitachienergy:tro670_firmware:9.1.0.0
Hitachienergy » Tro670 Firmware » Version: 9.2.0.0

cpe:2.3:o:hitachienergy:tro670_firmware:9.2.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-41153

Products

Pricing

Contact Us