CVE-2024-5194

CVSS 2.0 Score 5.8 of 10 (medium)

Details

Published May 22, 2024

Updated: Jun 4, 2024

CWE ID 77

Summary

CVE-2024-5194 is a critical vulnerability affecting the Arris VAP2500 08.50 firmware. The issue lies within an unidentified functionality of the /assoc_table.php file, where manipulation of the id argument results in command injection. This vulnerability permits remote attacks, and the associated exploit has been made public. Users of this device are urged to apply necessary patches to prevent potential exploitation, identified as VDB-265831.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/wDgFFR
https://www.cve.org/CVERecord?id=CVE-2024-5194
https://nvd.nist.gov/vuln/detail/CVE-2024-5194

Back to Vulnerability Database

CVE-2024-5194

CVSS 2.0 Score 5.8 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations