CVE-2024-31408

Publication date

2024-11-22 00:10:50

Family

jpcert

State

PUBLISHED

Description

OS command injection vulnerability exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network-adjacent authenticated attacker may execute an arbitrary OS command with root privileges by sending a specially crafted request.