ГлавнаяУязвимости → CVE-2024-24525
9.8критическая

CVE-2024-24525

Описание

An issue in EpointWebBuilder 5.1.0-sp1, 5.2.1-sp1, 5.4.1 and 5.4.2 allows a remote attacker to execute arbitrary code via the infoid parameter of the URL.

Затрагиваемое ПО
Epoint Epointwebbuilder
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://l3v3lforall.github.io/EpointWebBuilder_v5.x_VULN/https://l3v3lforall.github.io/EpointWebBuilder_v5.x_VULN/