Security Advisory

CVE-2024-21880

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-08-10 17:44:48

Last updated 2025-03-11 13:38:29

Assigner DIVD

State PUBLISHED

Description

Improper Neutralization of Special Elements used in a Command (Command Injection) vulnerability via the url parameter of an authenticated enpoint in Enphase IQ Gateway (formerly known as Enphase) allows OS Command Injection.This issue affects Envoy: 4.x <= 7.x

← Browse all CVEs View on cve.org ↗