Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-42427

Dell ThinOS versions 2402 and 2405, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of privileges.

Published

2024-09-10T08:15:02.760

Last Modified

2024-12-20T14:43:52.363

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.6 (HIGH)

Weaknesses

Type: Secondary
CWE-77
Type: Primary
CWE-77

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	dell	wyse_thinos	9.5.1079	Yes
Operating System	dell	wyse_thinos	9.5.2109	Yes

References

https://www.dell.com/support/kbdoc/en-us/000228350/dsa-2024-386 Vendor Advisory ([email protected])