A third-party vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file. If exploited, a threat actor coul
A remote code execution vulnerability exists in the affected
product. The vulnerability allows users to save projects within the public
directory allowing anyone with local access to modify and/or del
A privilege escalation vulnerability exists in the Rockwell Automation ThinManager. When the software starts up, files are deleted in the temporary folder causing the Access Control Entry of the direc
A malicious actor with access to the management network could execute a remote code execution (RCE) by exploiting a heap buffer overflow vulnerability in the UniFi Protect Cameras (Version 4.75.43 and
An “out of bounds write” code execution vulnerability exists in the
Rockwell Automation Arena®
that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file. If
A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. If exploited a threat
A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. If exploited a threat
A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. If exploited a threat
A denial-of-service and possible remote code execution vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in corruption of the heap memory which may compromi
Another “uninitialized variable” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to access a variable p
An “uninitialized variable” code execution vulnerability exists in the
Rockwell Automation Arena®
that could allow a threat actor to craft a DOE file and force the software to access a variable be
CVE-2024-45824 IMPACT
A remote
code vulnerability exists in the affected products. The vulnerability occurs
when chained with Path Traversal, Command Injection, and XSS Vulnerabilities
and allows f
An authenticated remote code execution vulnerability exists in the AOS-8 and AOS-10 web-based management interface. A vulnerability in the certificate download functionality could allow an authenticat
A vulnerability in the file creation process on the command line interface of AOS-8 Instant and AOS-10 AP could allow an authenticated remote attacker to perform remote code execution (RCE). Successfu
The Rockwell Automation affected product contains a vulnerability that allows a threat actor to view sensitive information and change settings. The vulnerability exists due to having an incorrect priv
Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to upload arbi
Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to upload arbi
A remote code execution (RCE) vulnerability in the /devserver/start endpoint of leonvanzyl autocoder commit 79d02a allows attackers to execute arbitrary code via providing a crafted command parameter.
Tdarr 2.00.15 contains an unauthenticated remote code execution vulnerability in its Help terminal that allows attackers to inject and chain arbitrary commands. Attackers can exploit the lack of input
Unified Remote 3.9.0.2463 contains a remote code execution vulnerability that allows attackers to send crafted network packets to execute arbitrary commands. Attackers can exploit the service by conne