CVE-2024-5407 Information

Description

A vulnerability in RhinOS 3.0-1190 could allow PHP code injection through the \search\ parameter in /portal/search.htm. This vulnerability could allow a remote attacker to perform a reverse shell on the remote system compromising the entire infrastructure.

Reference

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-rhinos-saltos https://github.com/josepsanzcamp/RhinOS