CVE-2024-6421 | THREATINT

Description

An unauthenticated remote attacker can read out sensitive device information through a incorrectly configured FTP service.

PUBLISHED Reserved 2024-07-01 | Published 2024-07-10 | Updated 2025-08-22 | Assigner CERTVDE

HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-552 Files or Directories Accessible to External Parties

Product status

Default status

unaffected

Any version

affected

Default status

unaffected

Any version

affected

Default status

unaffected

Any version

affected

Default status

unaffected

Any version

affected

Credits

BMW AG reporter

References

cert.vde.com/en/advisories/VDE-2024-038

cert.vde.com/en/advisories/VDE-2024-038

cve.org (CVE-2024-6421)

nvd.nist.gov (CVE-2024-6421)

Download JSON

help @ threatint.eu