Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-47903

A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which is not the default configuration)). The web server of affected devices allows to write arbitrary files to the web server's DocumentRoot directory.

Published

2024-10-23T15:15:31.397

Last Modified

2024-10-30T15:54:34.647

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.8 (MEDIUM)

Weaknesses

Type: Secondary
CWE-250
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	siemens	intermesh_7177_hybrid_2.0_subscriber	< 8.2.12	Yes
Hardware	siemens	intermesh_7177_hybrid_2.0_subscriber	-	No
Operating System	siemens	intermesh_7707_fire_subscriber_firmware	< 7.2.12	Yes
Hardware	siemens	intermesh_7707_fire_subscriber	-	No

References

https://cert-portal.siemens.com/productcert/html/ssa-333468.html Vendor Advisory ([email protected])