CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-55544

Missing input validation in the ORing IAP-420 web-interface allows authenticated Command Injections on OS level.This issue affects IAP-420 version 2.01e and below.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.035

EPSS Ranking 87.2%

CVSS Severity

CVSS v3 Score 8.8

References

https://cyberdanube.com/security-research/st-polten-uas-multiple-vulnerabilities-in-oring-iap/
http://seclists.org/fulldisclosure/2024/Dec/3
https://cyberdanube.com/security-research/st-polten-uas-multiple-vulnerabilities-in-oring-iap/

Products affected by CVE-2024-55544

Oringnet » Iap-420 » Version: N/A

cpe:2.3:h:oringnet:iap-420:-
Oringnet » Iap-420 Firmware » Version: 2.01e

cpe:2.3:o:oringnet:iap-420_firmware:2.01e
Oringnet » Iap-420 Firmware » Version: 2.0m

cpe:2.3:o:oringnet:iap-420_firmware:2.0m

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-55544

Products

Pricing

Contact Us