CVE-2024-40089

Oct. 21, 2024, 9:15 p.m.

Tags

cve@mitre.org
2024-10-21
CVE-2024-40089

Product(s) Impacted

Vilo 5 Mesh WiFi System

  • <= 5.16.1.33

Description

A Command Injection vulnerability in Vilo 5 Mesh WiFi System <= 5.16.1.33 allows remote, authenticated attackers to execute arbitrary code by injecting shell commands into the name of the Vilo device.

Weaknesses

Date

Published: Oct. 21, 2024, 9:15 p.m.

Last Modified: Oct. 21, 2024, 9:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

http://vilo.com
cve@mitre.org
https://github.com/byu-cybersecurity-research/vilo/blob/main/vulns/CVE-2024-40089.md
cve@mitre.org