{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-52779", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-11-29T18:10:00.534Z", "dateReserved": "2024-11-15T00:00:00.000Z", "datePublished": "2024-11-29T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-11-29T16:03:01.050Z"}, "descriptions": [{"lang": "en", "value": "DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are vulnerable to Remote Code Execution via /function/audit/newstatistics/mon_stat_top10.php."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://ba1100n.tech/%E6%BC%8F%E6%B4%9E%E6%8A%A5%E5%91%8A/dcme-all-series-rcessix-one/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-52779", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-11-29T18:02:55.618140Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:dcnglobal:dcme-320_firmware:*:*:*:*:*:*:*:*"], "vendor": "dcnglobal", "product": "dcme-320_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "7.4.12.90"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:dcnglobal:dcme-520_firmware:-:*:*:*:*:*:*:*"], "vendor": "dcnglobal", "product": "dcme-520_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "9.25.5.11"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:dcnglobal:dcme-320-l_firmware:*:*:*:*:*:*:*:*"], "vendor": "dcnglobal", "product": "dcme-320-l_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "9.3.5.26"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:dcnglobal:dcme-720_firmware:-:*:*:*:*:*:*:*"], "vendor": "dcnglobal", "product": "dcme-720_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "9.1.5.11"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information"}]}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-29T18:10:00.534Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-52779", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-11-29T18:02:55.618140Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:dcnglobal:dcme-320_firmware:*:*:*:*:*:*:*:*"], "vendor": "dcnglobal", "product": "dcme-320_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "7.4.12.90"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:dcnglobal:dcme-520_firmware:-:*:*:*:*:*:*:*"], "vendor": "dcnglobal", "product": "dcme-520_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "9.25.5.11"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:dcnglobal:dcme-320-l_firmware:*:*:*:*:*:*:*:*"], "vendor": "dcnglobal", "product": "dcme-320-l_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "9.3.5.26"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:dcnglobal:dcme-720_firmware:-:*:*:*:*:*:*:*"], "vendor": "dcnglobal", "product": "dcme-720_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "9.1.5.11"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-29T18:02:40.705Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://ba1100n.tech/%E6%BC%8F%E6%B4%9E%E6%8A%A5%E5%91%8A/dcme-all-series-rcessix-one/"}], "descriptions": [{"lang": "en", "value": "DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are vulnerable to Remote Code Execution via /function/audit/newstatistics/mon_stat_top10.php."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-11-29T16:03:01.050482"}}}, "cveMetadata": {"cveId": "CVE-2024-52779", "state": "PUBLISHED", "dateUpdated": "2024-11-29T18:10:00.534Z", "dateReserved": "2024-11-15T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2024-11-29T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dcnetworks:dcme-720_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AFCFE59D-8B88-4D2A-B31B-5B95326A7DAF", "versionEndIncluding": "9.1.5.11", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dcnetworks:dcme-720:-:*:*:*:*:*:*:*", "matchCriteriaId": "196AC09F-4CFC-4863-AEDC-8A8CED1C2D44", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dcnetworks:dcme-320-l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C0D18B1B-6CB1-4FDD-9455-1DFA51CA224F", "versionEndIncluding": "9.3.5.26", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dcnetworks:dcme-320-l:-:*:*:*:*:*:*:*", "matchCriteriaId": "B6806213-6BA4-4511-86EA-22C937E962AB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dcnetworks:dcme-320_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B7FAF203-AF23-4E9F-85B7-B4025171F2D8", "versionEndIncluding": "7.4.12.90", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dcnetworks:dcme-320:-:*:*:*:*:*:*:*", "matchCriteriaId": "C83218E1-F3F6-43B0-925D-F8965C159DEA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dcnetworks:dcme-520_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8A290A0-02E9-4412-ACFD-155FDD138C50", "versionEndIncluding": "9.25.5.11", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dcnetworks:dcme-520:-:*:*:*:*:*:*:*", "matchCriteriaId": "66170AD0-D82B-484B-96DA-9FFAB6C79DCB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are vulnerable to Remote Code Execution via /function/audit/newstatistics/mon_stat_top10.php."}, {"lang": "es", "value": "DCME-320 &lt;=7.4.12.90, DCME-520 &lt;=9.25.5.11, DCME-320-L &lt;=9.3.5.26 y DCME-720 &lt;=9.1.5.11 son vulnerables a la ejecuci\u00f3n remota de c\u00f3digo a trav\u00e9s de /function/audit/newstatistics/mon_stat_top10.php."}], "id": "CVE-2024-52779", "lastModified": "2025-11-06T21:08:12.537", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-11-29T16:15:10.810", "references": [{"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://ba1100n.tech/%E6%BC%8F%E6%B4%9E%E6%8A%A5%E5%91%8A/dcme-all-series-rcessix-one/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}