CVE-2024-55547

Description

SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injection. This issue affects IAP-420: through 2.01e.

PUBLISHED Reserved 2024-12-07 | Published 2024-12-10 | Updated 2024-12-10 | Assigner CyberDanube

Problem types

CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')

Product status

Credits

P. Chistè finder

A. Falb finder

M. Selinger finder

M. Suchy finder

P. Oberndorfer finder

P. Maluenda finder

D. Sagl finder

M. Narbeshuber-Spletzer finder

J. Springer finder

P. Riedl finder

C. Hierzer finder

M. Pammer finder

References

cyberdanube.com/...as-multiple-vulnerabilities-in-oring-iap/ third-party-advisory

cve.org (CVE-2024-55547)

nvd.nist.gov (CVE-2024-55547)

Download JSON