CVE-2024-55544

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-55544
Missing input validation in the ORing IAP-420 web-interface allows authenticated Command Injections on OS level.This issue affects IAP-420 version 2.01e and below.
CVSS

No CVSS.

References
Link Resource
https://cyberdanube.com/security-research/st-polten-uas-multiple-vulnerabilities-in-oring-iap/
https://cyberdanube.com/security-research/st-polten-uas-multiple-vulnerabilities-in-oring-iap/
Configurations

No configuration.

History

08 Oct 2025, 10:15

Type Values Removed Values Added
Summary
  • (es) La falta de validación de entrada en la interfaz web ORing IAP-420 permite el almacenamiento de Cross Site Scripting (XSS). Este problema afecta a la versión 2.01e y anteriores de IAP-420.
Summary (en) Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below. (en) Missing input validation in the ORing IAP-420 web-interface allows authenticated Command Injections on OS level.This issue affects IAP-420 version 2.01e and below.

10 Dec 2024, 20:15

Type Values Removed Values Added
References () https://cyberdanube.com/security-research/st-polten-uas-multiple-vulnerabilities-in-oring-iap/ - () https://cyberdanube.com/security-research/st-polten-uas-multiple-vulnerabilities-in-oring-iap/ -

10 Dec 2024, 16:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-12-10 16:15

Updated : 2025-10-08 10:15

NVD link : CVE-2024-55544

Mitre link : CVE-2024-55544

CVE.ORG link : CVE-2024-55544

JSON object : View

Products Affected

No product.

CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')