CVE-2024-22894
Description
An issue fixed in AIT-Deutschland Alpha Innotec Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later and Novelan Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later, allows remote attackers to execute arbitrary code via the password component in the shadow file.
NVD
Severity: MEDIUM
CVE ID: CVE-2024-22894
CVSS Score: 6.8
CVSS Metrics: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Proof Of Concept
Jaarden
Refrence: GitHub