216.73.217.24

CVE-2024-9150

· Published 21/02/2025 12:15 · Modified 21/02/2025 12:15

Labels: CVE-2024-9150 2025-02-21CVE-2024-9150CWE-1336[email protected]

Essential information

Published
21/02/2025 12:15
Modified
21/02/2025 12:15
Author
Creator
CISA KEV
No
CWE

Description

Report generation functionality in Wyn Enterprise allows for code inclusion, but not sufficiently limits what code might be included. An attacker is able use a low privileges account in order to abuse this functionality and execute malicious code, load DLL libraries and executing OS commands on a host system with applications high privileges. This issue has been fixed in version 8.0.00204.0

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References