216.73.217.98

CVE-2024-57728

· Published 16/01/2025 00:15 · Modified 29/04/2026 16:34 · Author: The MITRE Corporation

Labels: CVE-2024-57728 2025-01-15CVE-2024-57728CWE-22CWE-59[email protected]

Essential information

Published
16/01/2025 00:15
Modified
29/04/2026 16:34
Author
The MITRE Corporation
Creator
The MITRE Corporation
CVSS
7.2 HIGH (v3.1)
CISA KEV
Yes
CWE
CWE-22 CWE-59
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

SimpleHelp contains a path traversal vulnerability that allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e. zip slip). This can be exploited to execute arbitrary code on the host in the context of the SimpleHelp server user.

NVD status

Status
Modified — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
simple-help / simplehelp cpe:2.3:a:simple-help:simplehelp:*:*:*:*:*:*:*:*

References