CVE-2024-8957 - PTZOptics PT30X-SDI/NDI Command Injection Vulnerability

2 months ago 25
ARTICLE AD BOX
CVE ID : CVE-2024-8957
Published : Sept. 17, 2024, 9:15 p.m. | 24 minutes ago
Description : PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntp_addr configuration value which may lead to arbitrary command execution when ntp_client is started. When chained with CVE-2024-8956, a remote and unauthenticated attacker can execute arbitrary OS commands on affected devices.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read Entire Article