TVN ID | TVN-202408003 |
---|---|
CVE ID | CVE-2024-7728 |
CVSS | 7.2 (High) CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Affected Products | CMS-SE(22.04) v11.0CMS-SE(18.04) v11.0CMS-SE v11.0 |
Description | The specific CGI of the CAYIN Technology CMS does not properly validate user input, allowing a remote attacker with administrator privileges to inject OS commands into the specific parameter and execute them on the remote server. |
Solution | For CMS-SE(22.04) v11.0, install patch P23005 or later.For CMS-SE(18.04) v11.0, install patch P23006 or later.For CMS-SE v11.0, Install patch P23007 or later. |
Credit | Dio Lin(CHT) |
Public Date | 2024-08-13 |