Vulnerability Description
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below does not proper sanitize user input, allowing for an unauthenticated attacker to crash the controller software
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cs-Technologies | Evolution | <= 2.04.560 |
Related Weaknesses (CWE)
References
- https://directcyber.com.au/sa/CVE-2024-29836-to-29844-evolution-controller-multiThird Party Advisory
- https://directcyber.com.au/sa/CVE-2024-29836-to-29844-evolution-controller-multiThird Party Advisory
FAQ
What is CVE-2024-29838?
CVE-2024-29838 is a vulnerability with a CVSS score of 7.5 (HIGH). The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below does not proper sanitize user input, allowing for an unauthenticated attacker to crash the controller software
How severe is CVE-2024-29838?
CVE-2024-29838 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-29838?
Check the references section above for vendor advisories and patch information. Affected products include: Cs-Technologies Evolution.