HPE Athonet Mobile Core CVE-2024-6206
HIGHSeverity by source
AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from Vendor (hpe) · only source for this CVE.
CVSS VectorVendor: hpe
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
A security vulnerability has been identified in HPE Athonet Mobile Core software. The core application contains a code injection vulnerability where a threat actor could execute arbitrary commands with the privilege of the underlying container leading to complete takeover of the target system.
AnalysisAI
A security vulnerability has been identified in HPE Athonet Mobile Core software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Code Injection (CWE-94), which allows attackers to inject and execute arbitrary code within the application. A security vulnerability has been identified in HPE Athonet Mobile Core software. The core application contains a code injection vulnerability where a threat actor could execute arbitrary commands with the privilege of the underlying container leading to complete takeover of the target system.
Affected ProductsAI
HPE Athonet Mobile Core software. The core application contains a code injection vulnerability where a threat actor.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Never evaluate user-controlled input as code. Use sandboxing, disable dangerous functions, apply strict input validation.
Same weakness CWE-94 – Code Injection
View allSame technique Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today