Security Advisory

CVE-2024-21878

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-08-10 17:44:48

Last updated 2025-03-11 13:38:31

Assigner DIVD

State PUBLISHED

Description

Improper Neutralization of Special Elements used in a Command (Command Injection) vulnerability in Enphase IQ Gateway (formerly known as Envoy) allows OS Command Injection. This vulnerability is present in an internal script.This issue affects Envoy: from 4.x up to and including 8.x and is currently unpatched.

← Browse all CVEs View on cve.org ↗