CVE-2024-30567

Vulnerability

Overview An authenticated remote code execution vulnerability exists in JNT Telecom JNT Liftcom UMS version V1.J Core Version JM-V15. The flaw resides in the "Network Troubleshooting" functionality of the web interface. Improper input validation allows an authenticated attacker to inject and execute arbitrary operating system commands [1].

Exploitation

Conditions To exploit this vulnerability, an attacker must have valid credentials to the JNT Liftcom UMS web interface. With network access to the management interface, they can send specially crafted HTTP requests to the Network Troubleshooting feature, which executes commands with elevated privileges. No additional authentication or network position is required beyond valid credentials and network connectivity [1].

Impact

Successful exploitation enables arbitrary command execution on the underlying system. This can lead to full system compromise, including data exfiltration, malware installation, and potential lateral movement within the network. The vulnerability is rated Medium with a CVSS v3 score of 6.3, indicating significant impact with moderate complexity [1].

Mitigation

Status As of the publication date, no official patch has been released by JNT Telecom. Users should consider restricting network access to the management interface, implementing strong authentication mechanisms, and monitoring for suspicious activity. It is advisable to contact the vendor for updates [1].