ГлавнаяУязвимости → CVE-2024-28698
9.8критическая

CVE-2024-28698

Описание

Directory Traversal vulnerability in Marimer LLC CSLA .Net before 8.0 allows a remote attacker to execute arbitrary code via a crafted script to the MobileFormatter component.

CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/MarimerLLC/csla/pull/3552https://www.intruder.io/research/path-traversal-and-code-execution-in-csla-net-cve-2024-28698https://github.com/MarimerLLC/csla/pull/3552https://www.intruder.io/research/path-traversal-and-code-execution-in-csla-net-cve-2024-28698