Home / Vulnerability Intelligence / CVE-2024-30167

CVE-2024-30167 - Vulnerability Analysis

MediumCVSS: 6.3

Last Updated: May 8, 2026

Atlona AT-OME-MS42 Matrix Switcher - Command Injection

Published: May 8, 2026Updated: May 8, 2026PoC AvailableRemote Exploitable

Overview

Atlona AT-OME-MS42 Matrix Switcher 1.1.2 contains a command injection caused by improper sanitization of the serverName parameter in /cgi-bin/time.cgi, letting authenticated users execute arbitrary commands as root.

Severity & Score

Severity: Medium

CVSS Score: 6.3

EPSS Score: 0.0%(Probability of exploitation in next 30 days)

Impact

Authenticated users can execute arbitrary commands as root, leading to full system compromise.

Mitigation

Update to the latest version that patches this vulnerability.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/285733

Social Media Activity(1 post)

ExploitDB Bot

@exploitdb_bot

Apr 29, 2026

🚨 New Exploit: Atlona ATOMERX21 - Authenticated Command Injection 📋 CVE: CVE-2024-30167 👤 Author: rizzziom 🔗 https://www.exploit-db.com/exploits/52513 #ExploitDB #InfoSec #CyberSecurity #CVE-2024-30167

View original post

GitHub Repositories(1 repo)

https://github.com/RIZZZIOM/CVE-2024-30167

Related Resources

Details

CVE ID: CVE-2024-30167
Severity: Medium
CVSS Score: 6.3
Type: command_injection
Status: unconfirmed
EPSS: 0.0%
Social Posts: 1

CWE

CWE-77

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

EPSS Score

0.0%Probability of exploitation in the next 30 days