CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-55516

A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 v3.90. The component affected by this issue is /upload_sysconfig.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded, potentially leading to unauthorized access to server permissions.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.9%

CVSS Severity

CVSS v3 Score 9.1

References

https://gist.github.com/wscg928/cbe88078751abad2ada2334eb12a5060

Products affected by CVE-2024-55516

Raisecom » Msg1200 » Version: N/A

cpe:2.3:h:raisecom:msg1200:-
Raisecom » Msg2100e » Version: N/A

cpe:2.3:h:raisecom:msg2100e:-
Raisecom » Msg2200 » Version: N/A

cpe:2.3:h:raisecom:msg2200:-
Raisecom » Msg2300 » Version: N/A

cpe:2.3:h:raisecom:msg2300:-
Raisecom » Msg1200 Firmware » Version: 3.90

cpe:2.3:o:raisecom:msg1200_firmware:3.90
Raisecom » Msg2100e Firmware » Version: 3.90

cpe:2.3:o:raisecom:msg2100e_firmware:3.90
Raisecom » Msg2200 Firmware » Version: 3.90

cpe:2.3:o:raisecom:msg2200_firmware:3.90
Raisecom » Msg2300 Firmware » Version: 3.90

cpe:2.3:o:raisecom:msg2300_firmware:3.90

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-55516

Products

Pricing

Contact Us