Return to CVE list

CVE-2024-41789

9.1
Critical

CVE-2024-41789

productcert@siemens.com
Awaiting Analysis
View on MITREFind on GitHub

Description

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices does not sanitize the language parameter in specific POST requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges.

Exploits

No known exploits found for this CVE.

Search Exploit-DB

References

productcert@siemens.com
https://cert-portal.siemens.com/productcert/html/ssa-187636.html