cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-47902,https://securityvulnerability.io/vulnerability/CVE-2024-47902,Authentication Bypass in InterMesh Hybrid and Fire Subscriber Products by Siemens,"A significant vulnerability has been identified in the web server components of Siemens' InterMesh 7177 Hybrid 2.0 Subscriber and InterMesh 7707 Fire Subscriber products. Specifically, the issue arises from inadequate authentication for GET requests that allow the execution of operating system-level commands such as 'ping'. This vulnerability affects all versions of InterMesh 7177 Hybrid prior to V8.2.12, and specifically the InterMesh 7707 Fire Subscriber versions prior to V7.2.12 when the IP interface is enabled, which is not the default setting. This oversight could lead to unauthorized access and potentially exploit the underlying system.",Siemens,Intermesh 7177 Hybrid 2.0 Subscriber,9.8,CRITICAL,0.0007699999841861427,false,,false,false,false,,false,false,2024-10-23T15:15:00.000Z,0
CVE-2024-47903,https://securityvulnerability.io/vulnerability/CVE-2024-47903,File Write Vulnerability in InterMesh Products by Siemens,"A vulnerability exists in the web server of certain InterMesh devices where an attacker can exploit it to write arbitrary files to the DocumentRoot directory. This affects all versions of InterMesh 7177 Hybrid 2.0 Subscriber prior to V8.2.12 and the InterMesh 7707 Fire Subscriber prior to V7.2.12 if the IP interface is enabled, which is not the default setting. This flaw poses significant risks, as it enables unauthorized modification of server files, potentially leading to further exploitation or unauthorized access.",Siemens,Intermesh 7177 Hybrid 2.0 Subscriber,9.1,CRITICAL,0.0004799999878741801,false,,false,false,false,,false,false,2024-10-23T15:15:00.000Z,0
CVE-2024-47904,https://securityvulnerability.io/vulnerability/CVE-2024-47904,Local Command Execution Vulnerability in InterMesh Products by Siemens,"A serious vulnerability has been discovered in Siemens' InterMesh products, specifically affecting the 7177 Hybrid 2.0 Subscriber and 7707 Fire Subscriber models. The flaw exists due to the presence of a SUID binary that can be exploited by authenticated local users. By leveraging this vulnerability, attackers could execute arbitrary commands with root privileges, which poses significant security risks. The affected versions include any variants of the InterMesh 7177 Hybrid 2.0 Subscriber below version 8.2.12 and the InterMesh 7707 Fire Subscriber below version 7.2.12, provided that the IP interface is enabled, which is not the default setting. Immediate action is recommended to mitigate this risk.",Siemens,Intermesh 7177 Hybrid 2.0 Subscriber,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,2024-10-23T15:15:00.000Z,0