CRITICAL
Atelmo
CVE published 2024-09-26
CVE-2024-9166
CVE-2024-9166 is a critical vulnerability in the Atelmo Atemio AM 520 HD Full HD Satellite Receiver that enables unauthenticated remote attackers to execute arbitrary system commands with root privileges. The vulnerability exists in the device's web interface through the 'getcommand' query parameter, which lacks proper authorization controls and input validation. With a CVSS 3.1 score of 9.8 (Critical), t [truncated]