Toshiba Vulnerability: Remote Code Execution through File Overwriting
CVE-2024-27177
What is CVE-2024-27177?
A notable vulnerability exists in Toshiba products that permits remote code execution through unauthorized file overwriting. The exploit takes advantage of a flawed package name variable, which can be manipulated by attackers. While this vulnerability may require the presence of additional vulnerabilities to be successfully executed, it poses a significant risk, particularly within environments utilizing affected Toshiba product models and versions. Comprehensive assessments of affected systems and implemented security measures are imperative to mitigate potential exploitation.
Affected Version(s)
Toshiba Tec e-Studio multi-function peripheral (MFP) Linux see the reference URL
References
EPSS Score
5% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved