VYPR
High severity7.2NVD Advisory· Published Nov 26, 2024· Updated Jun 17, 2026

CVE-2024-50361

CVE-2024-50361

Description

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3), EKI-6333AC-2GD (<= v1.6.3) and EKI-6333AC-1GPO (<= v1.2.1). The source of the vulnerability relies on multiple parameters belonging to the "certificate_file_remove" API which are not properly sanitized before being concatenated to OS level commands.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • Advantech/EKI-6333AC-2Gllm-fuzzy4 versions
    <=1.6.3+ 3 more
    • (no CPE)range: <=1.6.3
    • (no CPE)range: 0
    • (no CPE)range: 0
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.