Arbitrary System Command Injection Vulnerability in SECOM WRTR-304GN-304TW-UPSC
CVE-2024-6046

9.8CRITICAL

Key Information:

Vendor: Secom
Status: Wrtr-304gn-304tw-upsc
Vendor: CVE Published:; 17 June 2024

What is CVE-2024-6046?

This vulnerability, concerning a widely used Network Security Software developed by TWCERT, has been withdrawn by its CVE Numbering Authority. As a result, no details or conditions have been publicly documented regarding this vulnerability. Users of the affected products should remain vigilant and monitor updates released by the vendor for any further developments or security advisories.

Affected Version(s)

WRTR-304GN-304TW-UPSC V02

References

https://www.twcert.org.tw/tw/cp-132-7881-f88ad-1.html

third-party-advisory

https://www.twcert.org.tw/en/cp-139-7882-998f5-2.html

third-party-advisory

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 17, 2024
Vulnerability Reserved
Jun 17, 2024

Secom

What is CVE-2024-6046?

Affected Version(s)

References

CVSS V3.1

Timeline