OS Command Injection in Toshiba products - CVE-2024-27172
Published: June 20, 2024
Vulnerability identifier: #VU92495
CSH Severity: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2024-27172
CWE-ID: CWE-78
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
e-STUDIO 2021AC FC-2021AC
e-STUDIO 2521AC FC-2521AC
e-STUDIO 2020AC FC-2020AC
e-STUDIO 2520AC FC-2520AC
e-STUDIO 2025NC FC-2025AC
e-STUDIO 2525AC FC-2525AC
e-STUDIO 3025AC FC-3025AC
e-STUDIO 3525AC FC-3525AC
e-STUDIO 3525ACG FC-3525ACG
e-STUDIO 4525AC FC-4525AC
e-STUDIO 4525ACG FC-4525ACG
e-STUDIO 5525AC FC-5525AC
e-STUDIO 5525ACG FC-5525ACG
e-STUDIO 6525AC FC-6525AC
e-STUDIO 6525ACG FC-6525ACG
e-STUDIO 2528A DP-2528A
e-STUDIO 3028A DP-3028A
e-STUDIO 3528A DP-3528A
e-STUDIO 3528AG DP-3528AG
e-STUDIO 4528A DP-4528A
e-STUDIO 4528AG DP-4528AG
e-STUDIO 5528A DP-5528A
e-STUDIO 6528A DP-6528A
e-STUDIO 6526AC FC-6526AC
e-STUDIO 6527AC FC-6527AC
e-STUDIO 7527AC FC-7527AC
e-STUDIO 6529A DP-6529A
e-STUDIO 7529A DP-7529A
e-STUDIO 9029A DP-9029A
e-STUDIO 330AC FC-330AC
e-STUDIO 400AC FC-400AC
e-STUDIO 2010AC FC-2010AC
e-STUDIO 2110AC FC-2110AC
e-STUDIO 2510AC FC-2510AC
e-STUDIO 2610AC FC-2610AC
e-STUDIO 2015NC FC-2015AC
e-STUDIO 2515AC FC-2515AC
e-STUDIO 2615AC FC-2615AC
e-STUDIO 3015AC FC-3015AC
e-STUDIO 3115AC FC-3115AC
e-STUDIO 3515AC FC-3515AC
e-STUDIO 3615AC FC-3615AC
e-STUDIO 4515AC FC-4515AC
e-STUDIO 4615AC FC-4615AC
e-STUDIO 5015AC FC-5015AC
e-STUDIO 5115AC FC-5115AC
e-STUDIO 2018A DP-2018A
e-STUDIO 2518A DP-2518A
e-STUDIO 2618A DP-2618A
e-STUDIO 3018A DP-3018A
e-STUDIO 3118A DP-3118A
e-STUDIO 3018AG DP-3018AG
e-STUDIO 3518A DP-3518A
e-STUDIO 3518AG DP-3518AG
e-STUDIO 3618A DP-3618A
e-STUDIO 3618AG DP-3618AG
e-STUDIO 4518A DP-4518A
e-STUDIO 4518AG DP-4518AG
e-STUDIO 4618A DP-4618A
e-STUDIO 4618AG DP-4618AG
e-STUDIO 5018A DP-5018A
e-STUDIO 5118A DP-5118A
e-STUDIO 5516AC FC-5516AC
e-STUDIO 5616AC FC-5616AC
e-STUDIO 6516AC FC-6516AC
e-STUDIO 6616AC FC-6616AC
e-STUDIO 7516AC FC-7516AC
e-STUDIO 7616AC FC-7616AC
e-STUDIO 5518A DP-5518A
e-STUDIO 5618A DP-5618A
e-STUDIO 6518A DP-6518A
e-STUDIO 6618A DP-6618A
e-STUDIO 7518A DP-7518A
e-STUDIO 7618A DP-7618A
e-STUDIO 8518A DP-8518A
e-STUDIO 8618A DP-8618A
e-STUDIO 2000AC FC-2000AC
e-STUDIO 2500AC FC-2500AC
e-STUDIO 2005NC FC-2005AC
e-STUDIO 2505AC FC-2005AC
e-STUDIO 3005AC FC-2005AC
e-STUDIO 3505AC FC-2005AC
e-STUDIO 4505AC FC-2005AC
e-STUDIO 5005AC FC-2005AC
e-STUDIO 2008A DP-2008A
e-STUDIO 2508A DP-2508A
e-STUDIO 3008A DP-3008A
e-STUDIO 3008AG DP-3008AG
e-STUDIO 3508A DP-3508A
e-STUDIO 3508AG DP-3508AG
e-STUDIO 4508A DP-4508A
e-STUDIO 4508AG DP-4508AG
e-STUDIO 5008A DP-5008A
e-STUDIO 5506AC FC-5506AC
e-STUDIO 6506AC FC-6506AC
e-STUDIO 7506AC FC-7506AC
e-STUDIO 5508A DP-5508A
e-STUDIO 6508A DP-6508A
e-STUDIO 7508A DP-7508A
e-STUDIO 8508A DP-8508A
e-STUDIO 3508LP DP-3535
e-STUDIO 4508LP DP-4535
e-STUDIO 5008LP DP-5035
e-STUDIO 2021AC FC-2021AC
e-STUDIO 2521AC FC-2521AC
e-STUDIO 2020AC FC-2020AC
e-STUDIO 2520AC FC-2520AC
e-STUDIO 2025NC FC-2025AC
e-STUDIO 2525AC FC-2525AC
e-STUDIO 3025AC FC-3025AC
e-STUDIO 3525AC FC-3525AC
e-STUDIO 3525ACG FC-3525ACG
e-STUDIO 4525AC FC-4525AC
e-STUDIO 4525ACG FC-4525ACG
e-STUDIO 5525AC FC-5525AC
e-STUDIO 5525ACG FC-5525ACG
e-STUDIO 6525AC FC-6525AC
e-STUDIO 6525ACG FC-6525ACG
e-STUDIO 2528A DP-2528A
e-STUDIO 3028A DP-3028A
e-STUDIO 3528A DP-3528A
e-STUDIO 3528AG DP-3528AG
e-STUDIO 4528A DP-4528A
e-STUDIO 4528AG DP-4528AG
e-STUDIO 5528A DP-5528A
e-STUDIO 6528A DP-6528A
e-STUDIO 6526AC FC-6526AC
e-STUDIO 6527AC FC-6527AC
e-STUDIO 7527AC FC-7527AC
e-STUDIO 6529A DP-6529A
e-STUDIO 7529A DP-7529A
e-STUDIO 9029A DP-9029A
e-STUDIO 330AC FC-330AC
e-STUDIO 400AC FC-400AC
e-STUDIO 2010AC FC-2010AC
e-STUDIO 2110AC FC-2110AC
e-STUDIO 2510AC FC-2510AC
e-STUDIO 2610AC FC-2610AC
e-STUDIO 2015NC FC-2015AC
e-STUDIO 2515AC FC-2515AC
e-STUDIO 2615AC FC-2615AC
e-STUDIO 3015AC FC-3015AC
e-STUDIO 3115AC FC-3115AC
e-STUDIO 3515AC FC-3515AC
e-STUDIO 3615AC FC-3615AC
e-STUDIO 4515AC FC-4515AC
e-STUDIO 4615AC FC-4615AC
e-STUDIO 5015AC FC-5015AC
e-STUDIO 5115AC FC-5115AC
e-STUDIO 2018A DP-2018A
e-STUDIO 2518A DP-2518A
e-STUDIO 2618A DP-2618A
e-STUDIO 3018A DP-3018A
e-STUDIO 3118A DP-3118A
e-STUDIO 3018AG DP-3018AG
e-STUDIO 3518A DP-3518A
e-STUDIO 3518AG DP-3518AG
e-STUDIO 3618A DP-3618A
e-STUDIO 3618AG DP-3618AG
e-STUDIO 4518A DP-4518A
e-STUDIO 4518AG DP-4518AG
e-STUDIO 4618A DP-4618A
e-STUDIO 4618AG DP-4618AG
e-STUDIO 5018A DP-5018A
e-STUDIO 5118A DP-5118A
e-STUDIO 5516AC FC-5516AC
e-STUDIO 5616AC FC-5616AC
e-STUDIO 6516AC FC-6516AC
e-STUDIO 6616AC FC-6616AC
e-STUDIO 7516AC FC-7516AC
e-STUDIO 7616AC FC-7616AC
e-STUDIO 5518A DP-5518A
e-STUDIO 5618A DP-5618A
e-STUDIO 6518A DP-6518A
e-STUDIO 6618A DP-6618A
e-STUDIO 7518A DP-7518A
e-STUDIO 7618A DP-7618A
e-STUDIO 8518A DP-8518A
e-STUDIO 8618A DP-8618A
e-STUDIO 2000AC FC-2000AC
e-STUDIO 2500AC FC-2500AC
e-STUDIO 2005NC FC-2005AC
e-STUDIO 2505AC FC-2005AC
e-STUDIO 3005AC FC-2005AC
e-STUDIO 3505AC FC-2005AC
e-STUDIO 4505AC FC-2005AC
e-STUDIO 5005AC FC-2005AC
e-STUDIO 2008A DP-2008A
e-STUDIO 2508A DP-2508A
e-STUDIO 3008A DP-3008A
e-STUDIO 3008AG DP-3008AG
e-STUDIO 3508A DP-3508A
e-STUDIO 3508AG DP-3508AG
e-STUDIO 4508A DP-4508A
e-STUDIO 4508AG DP-4508AG
e-STUDIO 5008A DP-5008A
e-STUDIO 5506AC FC-5506AC
e-STUDIO 6506AC FC-6506AC
e-STUDIO 7506AC FC-7506AC
e-STUDIO 5508A DP-5508A
e-STUDIO 6508A DP-6508A
e-STUDIO 7508A DP-7508A
e-STUDIO 8508A DP-8508A
e-STUDIO 3508LP DP-3535
e-STUDIO 4508LP DP-4535
e-STUDIO 5008LP DP-5035
Software vendor:
Toshiba
Toshiba
Description
The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation. A remote unauthenticated attacker can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Remediation
Install updates from vendor's website.