CVE-2024-43778 | THREATINT

Description

OS command injection vulnerability in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.

PUBLISHED Reserved 2024-09-17 | Published 2024-09-18 | Updated 2024-09-18 | Assigner jpcert

Problem types

OS command injection

Product status

prior to 46110.1.100869.65

affected

prior to 53210.1.900103.65

affected

prior to 53310.1.900111.65

affected

prior to 7xx10.1.900055.65

affected

prior to 7xx10.1.900055.65

affected

prior to 7xx10.1.900055.65

affected

prior to 56x10.1.100540.65

affected

prior to 56x10.1.100540.65

affected

prior to 49310.1.100540.65

affected

References

www.takex-eng.co.jp/ja/news/news.php?s=68

jvn.jp/en/vu/JVNVU90142679/

cve.org (CVE-2024-43778)

nvd.nist.gov (CVE-2024-43778)

Download JSON