CVE-2024-22813

Published: Apr 22, 2024Modified: Sep 15, 2025

4.4

Vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

Exploitability: 0.7 / Impact: 3.6

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to overwrite the hardcoded IP address in the device memory, disrupting network connectivity between the router and the controller.

Affected (1)

Products: Tormach: Pathpilot Controller

Tormach

1 product

Pathpilot Controller

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Tormach Pathpilot Controller	Version 2.9.6

Running on/with	Platform Versions
Tormach Xstech Cnc Router	All versions

Related CWEs

CWE-798

Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

References (2)

https://gist.github.com/VcuCyber/51075894d1728db07fc2df286c003df9

Source: cve@mitre.org

Third Party Advisory

https://gist.github.com/VcuCyber/51075894d1728db07fc2df286c003df9

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.