NuytsTech Security

CVE-2024-1015

by ·

Remote command execution vulnerability in SE-elektronic GmbH E-DDC3.3 affecting versions 03.07.03 and higher. An attacker could send different commands from the operating system to the system via the web configuration functionality of the device.

More information : https://www.hackplayers.com/2024/01/cve-2024-1014-and-cve-2024-1015.html

Attack vector : NETWORK
Attack complexity : LOW
Privileges required : NONE
User interaction : NONE
Confidentiality impact : HIGH
Integrity impact : HIGH
Base score : 9.8
Base severity : CRITICAL
Exploitability score : 3.9
Impact score : 5.9

Tags: