What is CVE-2024-38288?

CVE-2024-38288 is a vulnerability in N/a. Published 2024-07-25.

Is CVE-2024-38288 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2024-38288

A command-injection issue in the Certificate Signing Request (CSR) functionality in R-HUB TurboMeeting through 8.x allows authenticated attackers with administrator privileges to execute arbitrary commands on the underlying server as root.

EPSS: 0.685 (98.6th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

20142995/nuclei-templates
ARPSyndicate/cve-scores

References

www.rhubcom.com/v5/manuals.html
github.com/google/security-research/security/advisories/GHSA-gx6g-8mvx-3q5c

Frequently asked questions

What is CVE-2024-38288?: CVE-2024-38288 is a vulnerability in N/a. Published 2024-07-25.
Is CVE-2024-38288 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.