An issue was discovered in Infinera hiT 7300 5.60.50. A web application allows a remote privileged attacker to execute applications contained in a specific OS directory via HTTP invocations.
Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Fri, 30 May 2025 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Nokia
Nokia hit 7300
Nokia hit 7300 Firmware
CPEs cpe:2.3:h:nokia:hit_7300:-:*:*:*:*:*:*:*
cpe:2.3:o:nokia:hit_7300_firmware:5.60.50:*:*:*:*:*:*:*
Vendors & Products Nokia
Nokia hit 7300
Nokia hit 7300 Firmware

Mon, 25 Nov 2024 21:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-94
Metrics cvssV3_1

{'score': 3.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:L'}


Mon, 30 Sep 2024 21:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 30 Sep 2024 18:30:00 +0000

Type Values Removed Values Added
Description An issue was discovered in Infinera hiT 7300 5.60.50. A web application allows a remote privileged attacker to execute applications contained in a specific OS directory via HTTP invocations.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-11-25T20:54:07.796Z

Reserved: 2024-03-11T00:00:00

Link: CVE-2024-28811

cve-icon Vulnrichment

Updated: 2024-09-30T20:47:17.904Z

cve-icon NVD

Status : Analyzed

Published: 2024-09-30T19:15:04.060

Modified: 2025-05-30T14:50:05.867

Link: CVE-2024-28811

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.