exploitDog

CVE-2024-39118

Опубликовано: 09 июл. 2024

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

Mommy Heather Advanced Backups up to v3.5.3 allows attackers to write arbitrary files via restoring a crafted back up.

Ссылки

https://gist.github.com/apple502j/193358682885fe1a6708309ce934e4ed
Exploit
Third Party Advisory
https://github.com/MommyHeather/AdvancedBackups/commit/1545f499f73bf434ed292c31121fdda8042ff5d6
Patch
https://gist.github.com/apple502j/193358682885fe1a6708309ce934e4ed
Exploit
Third Party Advisory
https://github.com/MommyHeather/AdvancedBackups/commit/1545f499f73bf434ed292c31121fdda8042ff5d6
Patch

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mommyheather:advanced_backups:*:*:*:*:*:*:*:*

Версия до 3.6 (исключая)

EPSS

Процентиль: 30%

0.00111

Низкий

5.5 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-787

Связанные уязвимости

GHSA-p29p-gggg-4jc9

CVSS3: 5.5

github

больше 1 года назад

Mommy Heather Advanced Backups up to v3.5.3 allows attackers to write arbitrary files via restoring a crafted back up.

EPSS

Процентиль: 30%

0.00111

Низкий

5.5 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-787