CVE-2024-30220

2024-04-1511:15:08

[email protected]

web.nvd.nist.gov

command injection

mzk-mf300n

network-adjacent

unauthenticated attacker

arbitrary command

specially crafted request

port

cve-2024-30220

nvd

8.3 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

8.7%

JSON

Command injection vulnerability in MZK-MF300N all firmware versions allows a network-adjacent unauthenticated attacker to execute an arbitrary command by sending a specially crafted request to a certain port.

References

jvn.jp/en/vu/JVNVU91975826/