exploitDog

CVE-2024-24551

Опубликовано: 24 июн. 2024

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

A security vulnerability has been identified in Bludit, allowing authenticated attackers to execute arbitrary code through the Image API. This vulnerability arises from improper handling of file uploads, enabling malicious actors to upload and execute PHP files.

Ссылки

https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/
Exploit
Third Party Advisory
https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:bludit:bludit:*:*:*:*:*:*:*:*

Версия до 3.15.0 (включая)

EPSS

Процентиль: 44%

0.00219

Низкий

8.8 High

CVSS3

Дефекты

CWE-77

Связанные уязвимости

GHSA-2xxr-prx9-m533

CVSS3: 8.8

github

больше 1 года назад

A security vulnerability has been identified in Bludit, allowing authenticated attackers to execute arbitrary code through the Image API. This vulnerability arises from improper handling of file uploads, enabling malicious actors to upload and execute PHP files.

EPSS

Процентиль: 44%

0.00219

Низкий

8.8 High

CVSS3

Дефекты

CWE-77