CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-42427

Dell ThinOS versions 2402 and 2405, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.026

EPSS Ranking 84.9%

CVSS Severity

CVSS v3 Score 7.6

References

https://www.dell.com/support/kbdoc/en-us/000228350/dsa-2024-386

Products affected by CVE-2024-42427

Dell » Wyse Thinos » Version: 9.5.1079

cpe:2.3:o:dell:wyse_thinos:9.5.1079
Dell » Wyse Thinos » Version: 9.5.2109

cpe:2.3:o:dell:wyse_thinos:9.5.2109

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-42427

Products

Pricing

Contact Us