216.73.216.204

CVE-2025-24494

· Published 05/03/2025 16:15 · Modified 05/03/2025 16:15

Labels: CVE-2025-24494 2025-03-05CVE-2025-24494CWE-22[email protected]

Essential information

Published
05/03/2025 16:15
Modified
05/03/2025 16:15
Author
Creator
CVSS
7.2 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

Path traversal may allow remote code execution using privileged account (requires device admin account, cannot be performed by a regular user). In combination with the 'Upload' functionality this could be used to execute an arbitrary script or possibly an uploaded binary. Remediation in Version 6.7.0, release date: 20-Oct-24.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References