#ExploitObserverAlert
CVE-2024-22262
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2024-22262. Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used after passing validation checks. This is the same as CVE-2024-22259 https://spring.io/security/cve-2024-22259 and CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.701451
CVE-2024-22262
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2024-22262. Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used after passing validation checks. This is the same as CVE-2024-22259 https://spring.io/security/cve-2024-22259 and CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.701451
#ExploitObserverAlert
CVE-2024-1560
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-1560. A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the artifact deletion functionality. Attackers can bypass path validation by exploiting the double decoding process in the `_delete_artifact_mlflow_artifacts` handler and `local_file_uri_to_path` function, allowing for the deletion of arbitrary directories on the server's filesystem. This vulnerability is due to an extra unquote operation in the `delete_artifacts` function of `local_artifact_repo.py`, which fails to properly sanitize user-supplied paths. The issue is present up to version 2.9.2, despite attempts to fix a similar issue in CVE-2023-6831.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.9019774
CVE-2024-1560
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-1560. A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the artifact deletion functionality. Attackers can bypass path validation by exploiting the double decoding process in the `_delete_artifact_mlflow_artifacts` handler and `local_file_uri_to_path` function, allowing for the deletion of arbitrary directories on the server's filesystem. This vulnerability is due to an extra unquote operation in the `delete_artifacts` function of `local_artifact_repo.py`, which fails to properly sanitize user-supplied paths. The issue is present up to version 2.9.2, despite attempts to fix a similar issue in CVE-2023-6831.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.9019774
#ExploitObserverAlert
CVE-2024-3400
DESCRIPTION: Exploit Observer has 121 entries in 11 file formats related to CVE-2024-3400. A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.
FIRST-EPSS: 0.139670000
NVD-IS: 6.0
NVD-ES: 3.9
ARPS-EXPLOITABILITY: 0.9034926
CVE-2024-3400
DESCRIPTION: Exploit Observer has 121 entries in 11 file formats related to CVE-2024-3400. A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.
FIRST-EPSS: 0.139670000
NVD-IS: 6.0
NVD-ES: 3.9
ARPS-EXPLOITABILITY: 0.9034926
#ExploitObserverAlert
CVE-2024-1594
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-1594. A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the `artifact_location` parameter when creating an experiment. Attackers can exploit this vulnerability by using a fragment component `#` in the artifact location URI to read arbitrary files on the server in the context of the server's process. This issue is similar to CVE-2023-6909 but utilizes a different component of the URI to achieve the same effect.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.9019774
CVE-2024-1594
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-1594. A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the `artifact_location` parameter when creating an experiment. Attackers can exploit this vulnerability by using a fragment component `#` in the artifact location URI to read arbitrary files on the server in the context of the server's process. This issue is similar to CVE-2023-6909 but utilizes a different component of the URI to achieve the same effect.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.9019774
#ExploitObserverAlert
CVE-2023-40000
DESCRIPTION: Exploit Observer has 16 entries in 4 file formats related to CVE-2023-40000. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through 5.7.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.9040389
CVE-2023-40000
DESCRIPTION: Exploit Observer has 16 entries in 4 file formats related to CVE-2023-40000. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through 5.7.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.9040389
#ExploitObserverAlert
CVE-2024-24806
DESCRIPTION: Exploit Observer has 18 entries in 4 file formats related to CVE-2024-24806. libuv is a multi-platform support library with a focus on asynchronous I/O. The `uv_getaddrinfo` function in `src/unix/getaddrinfo.c` (and its windows counterpart `src/win/getaddrinfo.c`), truncates hostnames to 256 characters before calling `getaddrinfo`. This behavior can be exploited to create addresses like `0x00007f000001`, which are considered valid by `getaddrinfo` and could allow an attacker to craft payloads that resolve to unintended IP addresses, bypassing developer checks. The vulnerability arises due to how the `hostname_ascii` variable (with a length of 256 bytes) is handled in `uv_getaddrinfo` and subsequently in `uv__idna_toascii`. When the hostname exceeds 256 characters, it gets truncated without a terminating null byte. As a result attackers may be able to access internal APIs or for websites (similar to MySpace) that allows users to have `username.example.com` pages. Internal services that crawl or cache these user pages can be exposed to SSRF attacks if a malicious user chooses a long vulnerable username. This issue has been addressed in release version 1.48.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
FIRST-EPSS: 0.001110000
NVD-IS: 3.4
NVD-ES: 3.9
ARPS-PRIORITY: 0.7291118
CVE-2024-24806
DESCRIPTION: Exploit Observer has 18 entries in 4 file formats related to CVE-2024-24806. libuv is a multi-platform support library with a focus on asynchronous I/O. The `uv_getaddrinfo` function in `src/unix/getaddrinfo.c` (and its windows counterpart `src/win/getaddrinfo.c`), truncates hostnames to 256 characters before calling `getaddrinfo`. This behavior can be exploited to create addresses like `0x00007f000001`, which are considered valid by `getaddrinfo` and could allow an attacker to craft payloads that resolve to unintended IP addresses, bypassing developer checks. The vulnerability arises due to how the `hostname_ascii` variable (with a length of 256 bytes) is handled in `uv_getaddrinfo` and subsequently in `uv__idna_toascii`. When the hostname exceeds 256 characters, it gets truncated without a terminating null byte. As a result attackers may be able to access internal APIs or for websites (similar to MySpace) that allows users to have `username.example.com` pages. Internal services that crawl or cache these user pages can be exposed to SSRF attacks if a malicious user chooses a long vulnerable username. This issue has been addressed in release version 1.48.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
FIRST-EPSS: 0.001110000
NVD-IS: 3.4
NVD-ES: 3.9
ARPS-PRIORITY: 0.7291118
#ExploitObserverAlert
CVE-2024-23342
DESCRIPTION: Exploit Observer has 11 entries in 4 file formats related to CVE-2024-23342. The `ecdsa` PyPI package is a pure Python implementation of ECC (Elliptic Curve Cryptography) with support for ECDSA (Elliptic Curve Digital Signature Algorithm), EdDSA (Edwards-curve Digital Signature Algorithm) and ECDH (Elliptic Curve Diffie-Hellman). Versions 0.18.0 and prior are vulnerable to the Minerva attack. As of time of publication, no known patched version exists.
FIRST-EPSS: 0.000760000
NVD-IS: 5.2
NVD-ES: 2.2
ARPS-PRIORITY: 0.7087238
CVE-2024-23342
DESCRIPTION: Exploit Observer has 11 entries in 4 file formats related to CVE-2024-23342. The `ecdsa` PyPI package is a pure Python implementation of ECC (Elliptic Curve Cryptography) with support for ECDSA (Elliptic Curve Digital Signature Algorithm), EdDSA (Edwards-curve Digital Signature Algorithm) and ECDH (Elliptic Curve Diffie-Hellman). Versions 0.18.0 and prior are vulnerable to the Minerva attack. As of time of publication, no known patched version exists.
FIRST-EPSS: 0.000760000
NVD-IS: 5.2
NVD-ES: 2.2
ARPS-PRIORITY: 0.7087238
#ExploitObserverAlert
CVE-2023-38709
DESCRIPTION: Exploit Observer has 13 entries in 4 file formats related to CVE-2023-38709. Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58.
FIRST-EPSS: 0.000430000
ARPS-PRIORITY: 0.7270125
CVE-2023-38709
DESCRIPTION: Exploit Observer has 13 entries in 4 file formats related to CVE-2023-38709. Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58.
FIRST-EPSS: 0.000430000
ARPS-PRIORITY: 0.7270125
#ExploitObserverAlert
CVE-2023-46944
DESCRIPTION: Exploit Observer has 7 entries in 4 file formats related to CVE-2023-46944. An issue in GitKraken GitLens before v.14.0.0 allows an attacker to execute arbitrary code via a crafted file to the Visual Studio Codes workspace trust component.
FIRST-EPSS: 0.002660000
NVD-IS: 5.9
NVD-ES: 1.8
ARPS-PRIORITY: 0.925636
CVE-2023-46944
DESCRIPTION: Exploit Observer has 7 entries in 4 file formats related to CVE-2023-46944. An issue in GitKraken GitLens before v.14.0.0 allows an attacker to execute arbitrary code via a crafted file to the Visual Studio Codes workspace trust component.
FIRST-EPSS: 0.002660000
NVD-IS: 5.9
NVD-ES: 1.8
ARPS-PRIORITY: 0.925636
#ExploitObserverAlert
CVE-2024-30920
DESCRIPTION: Exploit Observer has 7 entries in 3 file formats related to CVE-2024-30920. Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows a remote attacker to execute arbitrary code via the render-document.php component.
FIRST-EPSS: 0.000430000
ARPS-PRIORITY: 0.8065359
CVE-2024-30920
DESCRIPTION: Exploit Observer has 7 entries in 3 file formats related to CVE-2024-30920. Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows a remote attacker to execute arbitrary code via the render-document.php component.
FIRST-EPSS: 0.000430000
ARPS-PRIORITY: 0.8065359
#ExploitObserverAlert
CVE-2024-30260
DESCRIPTION: Exploit Observer has 9 entries in 3 file formats related to CVE-2024-30260. Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici cleared Authorization and Proxy-Authorization headers for `fetch()`, but did not clear them for `undici.request()`. This vulnerability was patched in version(s) 5.28.4 and 6.11.1.
FIRST-EPSS: 0.000440000
ARPS-PRIORITY: 0.7286899
CVE-2024-30260
DESCRIPTION: Exploit Observer has 9 entries in 3 file formats related to CVE-2024-30260. Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici cleared Authorization and Proxy-Authorization headers for `fetch()`, but did not clear them for `undici.request()`. This vulnerability was patched in version(s) 5.28.4 and 6.11.1.
FIRST-EPSS: 0.000440000
ARPS-PRIORITY: 0.7286899
#ExploitObserverAlert
CVE-2024-28255
DESCRIPTION: Exploit Observer has 13 entries in 7 file formats related to CVE-2024-28255. OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The `JwtFilter` handles the API authentication by requiring and verifying JWT tokens. When a new request comes in, the request's path is checked against this list. When the request's path contains any of the excluded endpoints the filter returns without validating the JWT. Unfortunately, an attacker may use Path Parameters to make any path contain any arbitrary strings. For example, a request to `GET /api/v1;v1%2fusers%2flogin/events/subscriptions/validation/condition/111` will match the excluded endpoint condition and therefore will be processed with no JWT validation allowing an attacker to bypass the authentication mechanism and reach any arbitrary endpoint, including the ones listed above that lead to arbitrary SpEL expression injection. This bypass will not work when the endpoint uses the `SecurityContext.getUserPrincipal()` since it will return `null` and will throw an NPE. This issue may lead to authentication bypass and has been addressed in version 1.2.4. Users are advised to upgrade. There are no known workarounds for this vulnerability. This issue is also tracked as `GHSL-2023-237`.
FIRST-EPSS: 0.000870000
ARPS-PRIORITY: 0.9269076
CVE-2024-28255
DESCRIPTION: Exploit Observer has 13 entries in 7 file formats related to CVE-2024-28255. OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The `JwtFilter` handles the API authentication by requiring and verifying JWT tokens. When a new request comes in, the request's path is checked against this list. When the request's path contains any of the excluded endpoints the filter returns without validating the JWT. Unfortunately, an attacker may use Path Parameters to make any path contain any arbitrary strings. For example, a request to `GET /api/v1;v1%2fusers%2flogin/events/subscriptions/validation/condition/111` will match the excluded endpoint condition and therefore will be processed with no JWT validation allowing an attacker to bypass the authentication mechanism and reach any arbitrary endpoint, including the ones listed above that lead to arbitrary SpEL expression injection. This bypass will not work when the endpoint uses the `SecurityContext.getUserPrincipal()` since it will return `null` and will throw an NPE. This issue may lead to authentication bypass and has been addressed in version 1.2.4. Users are advised to upgrade. There are no known workarounds for this vulnerability. This issue is also tracked as `GHSL-2023-237`.
FIRST-EPSS: 0.000870000
ARPS-PRIORITY: 0.9269076
#ExploitObserverAlert
CVE-2024-32462
DESCRIPTION: Exploit Observer has 9 entries in 4 file formats related to CVE-2024-32462. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. in versions before 1.10.9, 1.12.9, 1.14.6, and 1.15.8, a malicious or compromised Flatpak app could execute arbitrary code outside its sandbox. Normally, the `--command` argument of `flatpak run` expects to be given a command to run in the specified Flatpak app, optionally along with some arguments. However it is possible to instead pass `bwrap` arguments to `--command=`, such as `--bind`. It's possible to pass an arbitrary `commandline` to the portal interface `org.freedesktop.portal.Background.RequestBackground` from within a Flatpak app. When this is converted into a `--command` and arguments, it achieves the same effect of passing arguments directly to `bwrap`, and thus can be used for a sandbox escape. The solution is to pass the `--` argument to `bwrap`, which makes it stop processing options. This has been supported since bubblewrap 0.3.0. All supported versions of Flatpak require at least that version of bubblewrap. xdg-desktop-portal version 1.18.4 will mitigate this vulnerability by only allowing Flatpak apps to create .desktop files for commands that do not start with --. The vulnerability is patched in 1.15.8, 1.10.9, 1.12.9, and 1.14.6.
FIRST-EPSS: 0.000450000
ARPS-PRIORITY: 0.7115119
CVE-2024-32462
DESCRIPTION: Exploit Observer has 9 entries in 4 file formats related to CVE-2024-32462. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. in versions before 1.10.9, 1.12.9, 1.14.6, and 1.15.8, a malicious or compromised Flatpak app could execute arbitrary code outside its sandbox. Normally, the `--command` argument of `flatpak run` expects to be given a command to run in the specified Flatpak app, optionally along with some arguments. However it is possible to instead pass `bwrap` arguments to `--command=`, such as `--bind`. It's possible to pass an arbitrary `commandline` to the portal interface `org.freedesktop.portal.Background.RequestBackground` from within a Flatpak app. When this is converted into a `--command` and arguments, it achieves the same effect of passing arguments directly to `bwrap`, and thus can be used for a sandbox escape. The solution is to pass the `--` argument to `bwrap`, which makes it stop processing options. This has been supported since bubblewrap 0.3.0. All supported versions of Flatpak require at least that version of bubblewrap. xdg-desktop-portal version 1.18.4 will mitigate this vulnerability by only allowing Flatpak apps to create .desktop files for commands that do not start with --. The vulnerability is patched in 1.15.8, 1.10.9, 1.12.9, and 1.14.6.
FIRST-EPSS: 0.000450000
ARPS-PRIORITY: 0.7115119
#ExploitObserverAlert
CVE-2023-20862
DESCRIPTION: Exploit Observer has 11 entries in 4 file formats related to CVE-2023-20862. In Spring Security, versions 5.7.x prior to 5.7.8, versions 5.8.x prior to 5.8.3, and versions 6.0.x prior to 6.0.3, the logout support does not properly clean the security context if using serialized versions. Additionally, it is not possible to explicitly save an empty security context to the HttpSessionSecurityContextRepository. This vulnerability can keep users authenticated even after they performed logout. Users of affected versions should apply the following mitigation. 5.7.x users should upgrade to 5.7.8. 5.8.x users should upgrade to 5.8.3. 6.0.x users should upgrade to 6.0.3.
FIRST-EPSS: 0.000860000
NVD-IS: 3.4
NVD-ES: 2.8
ARPS-PRIORITY: 0.7013831
CVE-2023-20862
DESCRIPTION: Exploit Observer has 11 entries in 4 file formats related to CVE-2023-20862. In Spring Security, versions 5.7.x prior to 5.7.8, versions 5.8.x prior to 5.8.3, and versions 6.0.x prior to 6.0.3, the logout support does not properly clean the security context if using serialized versions. Additionally, it is not possible to explicitly save an empty security context to the HttpSessionSecurityContextRepository. This vulnerability can keep users authenticated even after they performed logout. Users of affected versions should apply the following mitigation. 5.7.x users should upgrade to 5.7.8. 5.8.x users should upgrade to 5.8.3. 6.0.x users should upgrade to 6.0.3.
FIRST-EPSS: 0.000860000
NVD-IS: 3.4
NVD-ES: 2.8
ARPS-PRIORITY: 0.7013831
#ExploitObserverAlert
CVE-2024-30261
DESCRIPTION: Exploit Observer has 7 entries in 2 file formats related to CVE-2024-30261. Undici is an HTTP/1.1 client, written from scratch for Node.js. An attacker can alter the `integrity` option passed to `fetch()`, allowing `fetch()` to accept requests as valid even if they have been tampered. This vulnerability was patched in version(s) 5.28.4 and 6.11.1.
FIRST-EPSS: 0.000440000
ARPS-PRIORITY: 0.7172316
CVE-2024-30261
DESCRIPTION: Exploit Observer has 7 entries in 2 file formats related to CVE-2024-30261. Undici is an HTTP/1.1 client, written from scratch for Node.js. An attacker can alter the `integrity` option passed to `fetch()`, allowing `fetch()` to accept requests as valid even if they have been tampered. This vulnerability was patched in version(s) 5.28.4 and 6.11.1.
FIRST-EPSS: 0.000440000
ARPS-PRIORITY: 0.7172316
#ExploitObserverAlert
CVE-2024-22262
DESCRIPTION: Exploit Observer has 26 entries in 6 file formats related to CVE-2024-22262. Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used after passing validation checks. This is the same as CVE-2024-22259 https://spring.io/security/cve-2024-22259 and CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.
FIRST-EPSS: 0.000430000
ARPS-PRIORITY: 0.710172
CVE-2024-22262
DESCRIPTION: Exploit Observer has 26 entries in 6 file formats related to CVE-2024-22262. Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used after passing validation checks. This is the same as CVE-2024-22259 https://spring.io/security/cve-2024-22259 and CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.
FIRST-EPSS: 0.000430000
ARPS-PRIORITY: 0.710172
#ExploitObserverAlert
CVE-2024-23759
DESCRIPTION: Exploit Observer has 5 entries in 2 file formats related to CVE-2024-23759. Deserialization of Untrusted Data in Gambio through 4.9.2.0 allows attackers to run arbitrary code via "search" parameter of the Parcelshopfinder/AddAddressBookEntry" function.
FIRST-EPSS: 0.327070000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.9115431
CVE-2024-23759
DESCRIPTION: Exploit Observer has 5 entries in 2 file formats related to CVE-2024-23759. Deserialization of Untrusted Data in Gambio through 4.9.2.0 allows attackers to run arbitrary code via "search" parameter of the Parcelshopfinder/AddAddressBookEntry" function.
FIRST-EPSS: 0.327070000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.9115431
#ExploitObserverAlert
CVE-2023-48788
DESCRIPTION: Exploit Observer has 78 entries in 9 file formats related to CVE-2023-48788. A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets.
FIRST-EPSS: 0.562220000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.9246164
CVE-2023-48788
DESCRIPTION: Exploit Observer has 78 entries in 9 file formats related to CVE-2023-48788. A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets.
FIRST-EPSS: 0.562220000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.9246164
#ExploitObserverAlert
CVE-2024-2389
DESCRIPTION: Exploit Observer has 160 entries in 23 file formats related to CVE-2024-2389. In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified. An unauthenticated user can gain entry to the system via the Flowmon management interface, allowing for the execution of arbitrary system commands.
FIRST-EPSS: 0.004390000
ARPS-PRIORITY: 0.9032071
CVE-2024-2389
DESCRIPTION: Exploit Observer has 160 entries in 23 file formats related to CVE-2024-2389. In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified. An unauthenticated user can gain entry to the system via the Flowmon management interface, allowing for the execution of arbitrary system commands.
FIRST-EPSS: 0.004390000
ARPS-PRIORITY: 0.9032071
#ExploitObserverAlert
EDB-51999
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51999. SofaWiki 3.9.2 - Remote Command Execution (RCE) (Authenticated)
ARPS-PRIORITY: 0.8025509
EDB-51999
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51999. SofaWiki 3.9.2 - Remote Command Execution (RCE) (Authenticated)
ARPS-PRIORITY: 0.8025509
#ExploitObserverAlert
EDB-51998
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51998. Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution
ARPS-PRIORITY: 0.801634
EDB-51998
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51998. Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution
ARPS-PRIORITY: 0.801634