CVE-2024-50960

A command injection vulnerability in the Nmap diagnostic tool in the admin web console of Extron SMP 111 <=3.01, SMP 351 <=2.16, SMP 352 <= 2.16, and SME 211 <= 3.02, allows a remote authenticated attacker to execute arbitrary commands as root on the underlying operating system.

CVSS v3 7.2 HIGH

7.2^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/layer8secure/extron-smp-inject/	Exploit Third Party Advisory
https://ryanmroth.com/articles/exploiting-extron-smp-command-injection	Exploit Third Party Advisory
https://www.extron.com/article/smp	Product

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:extron:smp_111_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:extron:smp_111:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:extron:smp_351_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:extron:smp_351:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:extron:smp_352_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:extron:smp_352:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:extron:sme_211_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:extron:sme_211:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-04-15 18:15

Updated : 2025-04-25 18:35

NVD link : CVE-2024-50960

Mitre link : CVE-2024-50960

CVE.ORG link : CVE-2024-50960

JSON object : View

Products Affected

extron

smp_111_firmware
smp_351
sme_211
smp_351_firmware
smp_352
smp_111
sme_211_firmware
smp_352_firmware

CWE

CWE-94

Improper Control of Generation of Code ('Code Injection')

{"id": "CVE-2024-50960", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2025-04-15T18:15:45.263", "references": [{"url": "https://github.com/layer8secure/extron-smp-inject/", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://ryanmroth.com/articles/exploiting-extron-smp-command-injection", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.extron.com/article/smp", "tags": ["Product"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "A command injection vulnerability in the Nmap diagnostic tool in the admin web console of Extron SMP 111 <=3.01, SMP 351 <=2.16, SMP 352 <= 2.16, and SME 211 <= 3.02, allows a remote authenticated attacker to execute arbitrary commands as root on the underlying operating system."}, {"lang": "es", "value": "Una vulnerabilidad de inyecci\u00f3n de comandos en Nmap diagnostic tool in the admin web console of Extron SMP 111 <=3.01, SMP 351 <=2.16, and SMP 352 <= 2.16 permite que un atacante remoto autenticado con privilegios administrativos ejecute comandos arbitrarios como root en el sistema operativo subyacente."}], "lastModified": "2025-04-25T18:35:24.457", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:extron:smp_111_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A3EFEEB-A1E7-40C8-B923-7DD9BB53A9F1", "versionEndIncluding": "3.01"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:extron:smp_111:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8CB4B84D-997E-4A65-91F2-2CD51AE452EF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:extron:smp_351_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1CDC2F2-2ADB-413C-B98F-D17B93177770", "versionEndIncluding": "2.16"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:extron:smp_351:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BA7B77F2-362E-4F75-95B4-72924C0A53A6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:extron:smp_352_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A458A6B0-A677-48D4-8492-CA8CA920EB72", "versionEndIncluding": "2.16"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:extron:smp_352:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F96E66E9-8483-4792-B020-8FD4B7A0ED6D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:extron:sme_211_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57D28355-7E2F-4715-8564-FDD5FDC55DD4", "versionEndIncluding": "3.02"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:extron:sme_211:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E0083591-BB29-41DB-8165-EE410050B0B9"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}