exploitDog

CVE-2024-48071

Опубликовано: 19 нояб. 2024

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

E-cology has a directory traversal vulnerability. An attacker can exploit this vulnerability to delete the server directory, causing the server to permanently deny service.

Ссылки

https://gist.github.com/CoinIsMoney/d437f267f2d65cb80dd7da97cb2068e8
Third Party Advisory
https://github.com/stuven1989/TemporaryGuild/blob/main/files/exp-eng-3.pdf
Broken Link

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:weaver:e-cology:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 74%

0.00824

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-hf57-pc64-3428

CVSS3: 6.5

github

около 1 года назад

An issue in the component /importmould/deletefolder of Weaver Ecology v9.* allows authenticated attackers to execute a directory traversal and arbitrarily delete files.

EPSS

Процентиль: 74%

0.00824

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-22