CVE-2024-54013 | THREATINT

Description

Penetration Testing engineers at Amazon have identified a security flaw related to request handling in the web server component that could, under certain conditions, lead to unintended access to protected functions. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds

PUBLISHED Reserved 2024-11-27 | Published 2026-04-28 | Updated 2026-04-28 | Assigner Hanwha_Vision

HIGH: 8.7CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-306 Missing authentication for critical function

Product status

Default status

unaffected

Any version before 2.24.00

affected

References

www.hanwhavision.com/...bility-ReportCVE-2024-5401154013.pdf

cve.org (CVE-2024-54013)

nvd.nist.gov (CVE-2024-54013)

Download JSON