CVE-2024-4638
Published: 25 June 2024
Summary
CVE-2024-4638 is a high-severity Command Injection (CWE-77) vulnerability in Moxa Oncell G3470A-Lte-Eu-T Firmware. Its CVSS base score is 7.1 (High).
Operationally, ranked in the top 21.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-44242
Vulnerability details
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in the web key upload function. An attacker could modify the intended commands sent to target functions, which could cause…
more
malicious users to execute unauthorized commands.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.