Unrated severityNVD Advisory· Published Dec 1, 2025· Updated Dec 1, 2025
CVE-2024-39148
CVE-2024-39148
Description
The service wmp-agent of KerOS prior 5.12 does not properly validate so-called ‘magic URLs’ allowing an unauthenticated remote attacker to execute arbitrary OS commands as root when the service is reachable over network. Typically, the service is protected via local firewall.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <5.12
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.