216.73.216.170

CVE-2024-4825

· Published 14/05/2024 15:45 · Modified 14/05/2024 16:11

Labels: CVE-2024-4825 2024-05-14CVE-2024-4825CWE-434[email protected]

Essential information

Published
14/05/2024 15:45
Modified
14/05/2024 16:11
Author
Creator
CVSS
9.8 CRITICAL (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

A vulnerability has been discovered in Agentejo Cockpit CMS v0.5.5 that consists in an arbitrary file upload in ‘/media/api’ parameter via post request. An attacker could upload files to the server, compromising the entire infrastructure.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

References