CVE-2024-54008 | THREATINT

Description

An authenticated Remote Code Execution (RCE) vulnerability exists in the AirWave CLI. Successful exploitation of this vulnerability could allow a remote authenticated threat actor to run arbitrary commands as a privileged user on the underlying host.

PUBLISHED Reserved 2024-11-26 | Published 2024-12-10 | Updated 2024-12-11 | Assigner hpe

HIGH: 7.2CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Product status

Default status

affected

8.0.0.0 (semver)

affected

Credits

super2233 (bugcrowd) reporter

References

support.hpe.com/...y?docId=hpesbnw04765en_us&docLocale=en_US

cve.org (CVE-2024-54008)

nvd.nist.gov (CVE-2024-54008)

Download JSON