CVE-2024-28138

HIGH

Scan2Net < 7.40 - Unauthenticated OS Command Injection via msg_events.php data Parameter


Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-28138. PoCs published by iSee857.

AI-analyzed exploit summary: The repository contains functional exploit code for CVE-2024-28138, demonstrating command execution via a crafted request to an OpenCode API endpoint. The script includes session handling and command injection to verify vulnerability.

Description

An unauthenticated attacker with network access to the affected device's web interface can execute any system command via the "msg_events.php" script as the www-data user. The HTTP GET parameter "data" is not properly sanitized.

Exploits (1)

GitHub · Working PoC · 40 stars
by iSee857 · Python PoC
https://github.com/iSee857/CVE-PoC/tree/main/Scan2Net_CVE-2024-28138_RCE.py

Classification
Working PoC 95%
Attack Type
RCE
Complexity
Moderate
Reliability
Reliable
Target: OpenCode (version not specified)
No auth needed
Prerequisites: Network access to the target · OpenCode API endpoint exposed
Analyzed by devstral-2 on Feb 27, 2026

References (3)

Core References
Various Sources · third-party-advisory
https://r.sec-consult.com/imageaccess

Scores

CVSS v3 7.3
EPSS 0.0088
EPSS Percentile 54.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-78
Status published
Products (1)
Image Access GmbH/Scan2Net < 7.40
Published Dec 10, 2024
Tracked Since Feb 18, 2026