CVE-2024-44623

CRITICAL

TuomoKu SPx-GC <1.3.0 - RCE

Title source: llm

Description

An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code via the child_process.js function.

Exploits (1)

nomisec WRITEUP
by merbinr · poc
https://github.com/merbinr/CVE-2024-44623

References (3)

Scores

CVSS v3 9.8
EPSS 0.3892
EPSS Percentile 97.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-94
Status published
Products (1)
spx/spx_graphics_controller < 1.3.0
Published Sep 16, 2024
Tracked Since Feb 18, 2026