HGiga PowerStation remote management function has insufficient filtering for user input. An authenticated remote attacker with general user privilege can exploit this vulnerability to inject and execute arbitrary system commands to perform arbitrary system operation or disrupt service.

Related CVEs

CVE-2023-24837

Key Information

GHSA ID

GHSA-h2c8-rmv6-rvwc

Published

March 27, 2023 6:30 AM

Last Modified

March 27, 2023 6:30 AM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 16, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.