ID
VAR-202410-1442
CVE
CVE-2024-49398
TITLE
Elvaco M-Bus Metering Gateway CMe3100 File Upload Vulnerability
Trust: 0.6
sources:
CNVD: CNVD-2024-41679
DESCRIPTION
The affected product is vulnerable to unrestricted file uploads, which may allow an attacker to remotely execute code. Elvaco M-Bus Metering Gateway CMe3100 is an M-Bus metering gateway for fixed networks from Elvaco
Trust: 1.44
sources:
NVD: CVE-2024-49398 //
CNVD: CNVD-2024-41679
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2024-41679
AFFECTED PRODUCTS
| vendor: | elvaco | model: | m-bus metering gateway cme3100 | scope: | eq | version: | 1.12.1 | Trust: 0.6 |
sources:
CNVD: CNVD-2024-41679
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
CNVD: CNVD-2024-41679 //
NVD: CVE-2024-49398
PROBLEMTYPE DATA
| problemtype: | CWE-434 | Trust: 1.0 |
sources:
NVD: CVE-2024-49398
PATCH
| title: | Patch for Elvaco M-Bus Metering Gateway CMe3100 File Upload Vulnerability | url: | https://www.cnvd.org.cn/patchInfo/show/601346 | Trust: 0.6 |
sources:
CNVD: CNVD-2024-41679
EXTERNAL IDS
| db: | NVD | id: | CVE-2024-49398 | Trust: 1.6 |
| db: | ICS CERT | id: | ICSA-24-291-01 | Trust: 1.0 |
| db: | CNVD | id: | CNVD-2024-41679 | Trust: 0.6 |
sources:
CNVD: CNVD-2024-41679 //
NVD: CVE-2024-49398
REFERENCES
| url: | https://www.cisa.gov/news-events/ics-advisories/icsa-24-291-01 | Trust: 1.0 |
| url: | https://cxsecurity.com/cveshow/cve-2024-49398/ | Trust: 0.6 |
sources:
CNVD: CNVD-2024-41679 //
NVD: CVE-2024-49398
SOURCES
| db: | CNVD | id: | CNVD-2024-41679 |
| db: | NVD | id: | CVE-2024-49398 |
LAST UPDATE DATE
2024-10-26T23:14:53.587000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2024-41679 | date: | 2024-10-25T00:00:00 |
| db: | NVD | id: | CVE-2024-49398 | date: | 2024-10-18T12:52:33.507 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2024-41679 | date: | 2024-10-25T00:00:00 |
| db: | NVD | id: | CVE-2024-49398 | date: | 2024-10-17T17:15:12.680 |