External Control of File Name or Path (CWE-73)
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow a privileged user to upload generic files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achieve remote code execution.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Feedly found the first article mentioning CVE-2024-27943. See article
Feedly estimated the CVSS score as HIGH
NVD published the first details for CVE-2024-27943
A CVSS base score of 7.2 has been assigned.
EPSS Score was set to: 0.04% (Percentile: 8.5%)