CVE-2024-27173

CRITICAL

Remote Command - RCE

Title source: llm

Description

Remote Command program allows an attacker to get Remote Code Execution by overwriting existing Python files containing executable code. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the "Base Score" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point. https://www.toshibatec.com/contacts/products/ As for the affected products/models/versions, see the reference URL.

Exploits (1)

nomisec WORKING POC
by Ieakd · poc
https://github.com/Ieakd/0day-POC-for-CVE-2024-27173

References (4)

Scores

CVSS v3 9.8
EPSS 0.4542
EPSS Percentile 97.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-22
Status published
Products (1)
Toshiba Tec Corporation/Toshiba Tec e-Studio multi-function peripheral (MFP) see the reference URL
Published Jun 14, 2024
Tracked Since Feb 18, 2026