CVE-2024-47943
Published 2024-10-15
Priority: P2 / 62 · critical · CVSS 3.1 base score 9.8
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.62% (percentile 45.1)
The firmware upgrade function in the admin web interface of the Rittal IoT Interface & CMC III Processing Unit devices checks whether the patch files are signed before executing the run.sh script they contain. The signing process is essentially an HMAC with a long string as key, which is hard-coded in the firmware and is freely available for download. This allows crafting malicious "signed" .patch files in order to compromise the device and execute arbitrary code.
Affected (3 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | gogs_gogs | >= 0 < 0.13.3-0.20250608224432-110117b2e5e5 | 0.13.3-0.20250608224432-110117b2e5e5 |
| gogs.io | gogs | >= 0 < 0.13.3-0.20250608224432-110117b2e5e5 | 0.13.3-0.20250608224432-110117b2e5e5 |
| rittal_gmbh_co_kg | iot_interface_cmc_iii_processing_unit | — | — |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| ghsa | — | 8.8 | HIGH | — |
GHSA: Gogs XSS allowed by stored call in PDF renderer
ghsa · 2025-06-26 · CVSS 8.8
CVE-2025-47943 [HIGH] CWE-79
### Summary
A stored XSS is present in Gogs which allows client-side JavaScript code execution.
### Details
Gogs Version:
```
docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
gogs/gogs latest fe92583bc4fe 10 hours ago 99.3MB
```
Application version: `0.14.0+dev`
Local setup using:
```bash
# Pull image from Docker Hub.
docker pull gogs/gogs
# Create local directory for volume.
sudo mkdir -p /var/gogs
# Use `docker run` for the first time.
docker run --name=gogs -p 10022:22 -p 10880:3000 -v /var/gogs:/data gogs/gogs
```
The vulnerability is caused by the use of a vulnerable and outdated component: `pdfjs-1.4.20` under public/plugins/.
Read more about this vulnerability at [codeanlabs - CVE-2024-4367](https://codeanlabs.com/blog/res
GHSA: GHSA-3ggr-5p57-2xgh
ghsa_unreviewed · 2024-10-15
CVE-2024-47943 [CRITICAL] CWE-347
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.