The functionality for synchronization in HGiga OAKlouds' certain moudules has an OS Command Injection vulnerability, allowing remote attackers to inject system commands within specific request parameters. This enables the execution of arbitrary code on the remote server without permission.
References
Link | Resource |
---|---|
https://www.twcert.org.tw/tw/cp-132-7673-688b7-1.html |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: twcert
Published: 2024-02-15T02:18:34.668Z
Updated: 2024-06-28T02:06:33.958Z
Reserved: 2024-02-15T01:33:48.679Z
Link: CVE-2024-26260
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-02-15T03:15:34.833
Modified: 2024-02-15T06:23:39.303
Link: CVE-2024-26260
JSON object: View
Redhat Information
No data.
CWE