CVE-2024-47133

EUVD-2024-42749
UD-LT1 firmware Ver.2.1.9 and earlier and UD-LT1/EX firmware Ver.2.1.9 and earlier allow a remote authenticated attacker with an administrative account to execute arbitrary OS commands.
OS Command Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
iodataud-lt1_firmware
𝑥
≤ 2.1.8
ADP
iodataud-lt1\/ex_firmware
𝑥
≤ 2.1.8
ADP
Common Weakness Enumeration
References
https://jvn.jp/en/jp/JVN46615026/
https://www.iodata.jp/support/information/2024/11_ud-lt1/