CVE-2024-23811

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Feb 13, 2024

CWE ID 434

Summary

CVE-2024-23811 is a new vulnerability impacting SINEC NMS (all versions prior to V2.0 SP1). This issue permits unauthenticated users to upload arbitrary files via TFTP. An attacker could exploit this weakness by submitting malicious firmware images or other malicious files, potentially leading to remote code execution. This vulnerability poses a significant risk to networks and should be addressed promptly with the available patch.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uPjOxg
https://www.cve.org/CVERecord?id=CVE-2024-23811
https://nvd.nist.gov/vuln/detail/CVE-2024-23811

Back to Vulnerability Database

CVE-2024-23811

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations