ГлавнаяУязвимости → CVE-2024-24621
9.8критическая

CVE-2024-24621

Описание

Softaculous Webuzo contains an authentication bypass vulnerability through the password reset functionality. Remote, anonymous attackers can exploit this vulnerability to gain full server access as the root user.

Затрагиваемое ПО
Softaculous Webuzo
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://blog.exodusintel.com/2024/07/25/softaculous-webuzo-authentication-bypass/https://blog.exodusintel.com/2024/07/25/softaculous-webuzo-authentication-bypass/