CVE-2024-21785

None

Description

A leftover debug code vulnerability exists in the Telnet Diagnostic Interface functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted series of network requests can lead to unauthorized access. An attacker can send a sequence of requests to trigger this vulnerability.

INFO

Published Date :

2024-05-28T15:30:14.463Z

Last Modified :

2025-02-13T17:33:19.226Z

Source :

talos

AFFECTED PRODUCTS

The following products are affected by CVE-2024-21785 vulnerability.

Vendors	Products
Automationdirect	P1-540 P1-540 Firmware P1-550 P1-550 Firmware P2-550 P2-550 Firmware P3-530 P3-530 Firmware P3-550 P3-550 Firmware P3-550e P3-550e Firmware

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-21785.

URL	Resource
https://community.automationdirect.com/s/internal-database-security-advisory/a4GPE0000003yaj2AA/sa00038
https://talosintelligence.com/vulnerability_reports/TALOS-2024-1942
https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1942

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact