CVE-2024-53542

Medium CVSS: 6.5

Incorrect access control in the component /iclock/Settings?restartNCS=1 of NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 allows attackers to arbitrarily restart the NCServiceManger via a crafted GET request.

Vendor

Product

CWE

CWE-284

Yayın Tarihi

2025-02-24 23:15:09

Güncelleme

2025-02-25 21:15:15

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-284 MEDIUM 2025

Referanslar

https://secure77.de/smart-time-plus-rce-cve-2024-53543/