CVE-2024-24899

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Mar 25, 2024

CWE ID 78

Summary

CVE-2024-24899 is a new OS Command Injection vulnerability affecting the openEuler aops-zeus software on Linux systems. The flaw, located in the constant.Py file, stems from improper neutralization of special elements used in operating system commands. Successful exploitation allows attackers to inject arbitrary commands, potentially leading to serious system compromises. Affected versions of aops-zeus include those from 1.2.0 through 1.4.0.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uXQM-9
https://www.cve.org/CVERecord?id=CVE-2024-24899
https://nvd.nist.gov/vuln/detail/CVE-2024-24899

Back to Vulnerability Database

CVE-2024-24899

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations