Security Advisory

CVE-2024-21879

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-08-10 17:44:49

Last updated 2025-03-11 13:38:27

Assigner DIVD

State PUBLISHED

Description

Improper Neutralization of Special Elements used in a Command (Command Injection) vulnerability through an url parameter of an authenticated enpoint in Enphase IQ Gateway (formerly known as Envoy) allows OS Command Injection.This issue affects Envoy: from 4.x to 8.x and < 8.2.4225.

← Browse all CVEs View on cve.org ↗