Vulnerability Details CVE-2024-50627
An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Privilege Escalation vulnerability exists in the file upload feature. It allows an attacker on the local area network (with specific permissions) to upload and execute malicious files, potentially leading to unauthorized system access.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.8%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2024-50627
-
cpe:2.3:h:digi:connectport_lts_16:-
-
cpe:2.3:h:digi:connectport_lts_16_mei:-
-
cpe:2.3:h:digi:connectport_lts_16_mei_2ac:-
-
cpe:2.3:h:digi:connectport_lts_32:-
-
cpe:2.3:h:digi:connectport_lts_32_mei:-
-
cpe:2.3:h:digi:connectport_lts_8_mei:-
-
cpe:2.3:o:digi:connectport_lts_firmware:1.4.10
-
cpe:2.3:o:digi:connectport_lts_firmware:1.4.11
-
cpe:2.3:o:digi:connectport_lts_firmware:1.4.3
-
cpe:2.3:o:digi:connectport_lts_firmware:1.4.4
-
cpe:2.3:o:digi:connectport_lts_firmware:1.4.5
-
cpe:2.3:o:digi:connectport_lts_firmware:1.4.6
-
cpe:2.3:o:digi:connectport_lts_firmware:1.4.7
-
cpe:2.3:o:digi:connectport_lts_firmware:1.4.8
-
cpe:2.3:o:digi:connectport_lts_firmware:1.4.9