CVE-2024-4225

HIGH

NetGuardian DIN RTU - Privilege Escalation, XSS, CSRF

Title source: llm

Description

Multiple security vulnerabilities has been discovered in web interface of NetGuardian DIN Remote Telemetry Unit (RTU), by DPS Telecom. Attackers can exploit those security vulnerabilities to perform critical actions such as escalate user's privilege, steal user's credential, Cross Site Scripting (XSS) and Cross-Site Request Forgery (CSRF).

References (1)

Core 1

Core References

Various Sources

https://govtech-csg.github.io/security-advisories/2024/04/29/CVE-2024-4225.html

Scores

CVSS v3 7.6

EPSS 0.0025

EPSS Percentile 16.3%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-284

Status published

Products (1)

DPS Telecom/NetGuardian DIN Remote Telemetry Unit (RTU) NGDIN_ST App v2.0D.0062

Published Apr 30, 2024

Tracked Since Feb 18, 2026