How severe is CVE-2024-28136?

CVE-2024-28136 has a CVSS v3 score of 7.8 (HIGH).

CVE-2024-28136

7.8HIGH

A local attacker with low privileges can use a command injection vulnerability to gain root privileges due to improper input validation using the OCPP Remote service.

Publicado: 5/14/2024Actualizado: 1/24/2025

Descripción

A local attacker with low privileges can use a command injection vulnerability to gain root privileges due to improper input validation using the OCPP Remote service.

Análisis IAImpulsado por IA

Productos Afectados

phoenixcontactcharx_sec-3000_firmware

phoenixcontactcharx_sec-3000

phoenixcontactcharx_sec-3050_firmware

phoenixcontactcharx_sec-3050

phoenixcontactcharx_sec-3100_firmware

phoenixcontactcharx_sec-3100

phoenixcontactcharx_sec-3150_firmware

phoenixcontactcharx_sec-3150

Referencias

https://cert.vde.com/en/advisories/VDE-2024-019
Third Party Advisory
https://cert.vde.com/en/advisories/VDE-2024-019
Third Party Advisory