CVE-2024-4999

Published: May 16, 2024

Modified: Aug 1, 2024

PUBLISHED

Description

A vulnerability in the web-based management interface of multiple Ligowave devices could allow an authenticated remote attacker to execute arbitrary commands with elevated privileges.This issue affects UNITY: through 6.95-2; PRO: through 6.95-1.Rt3883; MIMO: through 6.95-1.Rt2880; APC Propeller: through 2-5.95-4.Rt3352.

Vendor	Product	Versions
Ligowave	UNITY	affected `0 - <= 6.95-2`
Ligowave	PRO	affected `0 - <= 6.95-1.rt3883`
Ligowave	MIMO	affected `0 - <= 6.95-1.rt2880`
Ligowave	APC Propeller	affected `0 - <= 2-5.95-4.rt3352`

Weaknesses (CWE)

CWE-77

References

https://onekey.com/blog/security-advisory-remote-code-execution-in-ligowave-devices/

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-4999

Description

Affected Products

Weaknesses (CWE)

References