CVE-2024-35061 Information

Description

NASA AIT-Core v2.5.2 was discovered to use unencrypted channels to exchange data over the network allowing attackers to execute a man-in-the-middle attack. When chained with CVE-2024-35059 the CVE in subject leads to an unauthenticated fully remote code execution.

Reference

https://www.linkedin.com/pulse/remote-code-execution-via-man-in-the-middle-more-ujkze