216.73.216.86

CVE-2024-50625

· Published 09/12/2024 22:15 · Modified 12/12/2024 02:06

Labels: CVE-2024-50625 2024-12-09CVE-2024-50625CWE-434[email protected]

Essential information

Published
09/12/2024 22:15
Modified
12/12/2024 02:06
Author
Creator
CVSS
8.0 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

An issue was discovered in Digi ConnectPort LTS before 1.4.12. A vulnerability in the file upload handling of a web application allows manipulation of file paths via POST requests. This can lead to arbitrary file uploads within specific directories, potentially enabling privilege escalation when combined with other vulnerabilities.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References