exploitDog

CVE-2024-44849

Опубликовано: 09 сент. 2024

Источник: nvd

CVSS3: 9.8

EPSS Критический

Описание

Qualitor up to 8.24 is vulnerable to Remote Code Execution (RCE) via Arbitrary File Upload in checkAcesso.php.

Ссылки

https://blog.extencil.me/information-security/cves/cve-2024-44849
Exploit
Third Party Advisory
https://github.com/extencil/CVE-2024-44849?tab=readme-ov-file
Third Party Advisory
https://www.qualitor.com.br/official-security-advisory-cve-2024-44849
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:qualitor:qualitor:8.20:*:*:*:*:*:*:*

cpe:2.3:a:qualitor:qualitor:8.24:*:*:*:*:*:*:*

EPSS

Процентиль: 100%

0.91917

Критический

9.8 Critical

CVSS3

Дефекты

CWE-434

Связанные уязвимости

GHSA-phhc-p9jg-cvj3

CVSS3: 9.8

github

больше 1 года назад

Qualitor up to 8.24 is vulnerable to Remote Code Execution (RCE) via Arbitrary File Upload in checkAcesso.php.

EPSS

Процентиль: 100%

0.91917

Критический

9.8 Critical

CVSS3

Дефекты

CWE-434