CVE-2024-54013
Request Handling Flaw in Web Server Allows Unauthorized Access
Publication date: 2026-04-28
Last updated on: 2026-04-28
Assigner: Hanwha Vision Co., Ltd.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a security flaw found in the web server component related to how it handles requests. Under certain conditions, this flaw could allow unintended access to protected functions, meaning that unauthorized users might be able to perform actions or access features that should be restricted.
How can this vulnerability impact me? :
The impact of this vulnerability could be significant because it may allow unauthorized access to protected functions within the web server. This could lead to potential misuse or exploitation of sensitive features, possibly compromising the security or integrity of the affected system.
What immediate steps should I take to mitigate this vulnerability?
The manufacturer has released patch firmware for the flaw. Immediate mitigation should include applying the manufacturer's patch firmware as soon as possible.
Please refer to the manufacturer's report for additional details and possible workarounds.