CVE Vulnerabilities

CVE-2024-21785

Active Debug Code

Published: May 28, 2024 | Modified: Feb 12, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

A leftover debug code vulnerability exists in the Telnet Diagnostic Interface functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted series of network requests can lead to unauthorized access. An attacker can send a sequence of requests to trigger this vulnerability.

Weakness

The product is released with debugging code still enabled or active.

Affected Software

Name Vendor Start Version End Version
P3-550e_firmware Automationdirect 1.2.10.9 (including) 1.2.10.9 (including)
P3-550e_firmware Automationdirect 4.1.1.10 (including) 4.1.1.10 (including)

Potential Mitigations

References