216.73.217.64

CVE-2024-31161

· Published 14/06/2024 04:15 · Modified 14/06/2024 04:15

Labels: CVE-2024-31161 2024-06-14CVE-2024-31161CWE-434[email protected]

Essential information

Published
14/06/2024 04:15
Modified
14/06/2024 04:15
Author
Creator
CVSS
7.2 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

The upload functionality of ASUS Download Master does not properly filter user input. Remote attackers with administrative privilege can exploit this vulnerability to upload any file to any location. They may even upload malicious web page files to the website directory, allowing arbitrary system commands to be executed upon browsing the webpage.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References