cve/CVE-2024-31380.md at 93476d6c370e261fdc1b2b03a08066de45e4892d

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00

0xMarcio e1800aedb5 Update CVE sources 2024-08-26 18:34

2024-08-26 18:34:01 +00:00

Description

Improper Control of Generation of Code ('Code Injection') vulnerability in Soflyy Oxygen Builder allows Code Injection. Vendor is ignoring report, refuses to patch the issue.This issue affects Oxygen Builder: from n/a through 4.9.

POC

Reference

https://patchstack.com/articles/unpatched-authenticated-rce-in-oxygen-and-breakdance-builder?_s_id=cve
https://snicco.io/vulnerability-disclosure/oxygen/client-control-remote-code-execution-oxygen-4-8-1
https://snicco.io/vulnerability-disclosure/oxygen/client-control-remote-code-execution-oxygen-4-8-1?_s_id=cve

Github

https://github.com/Chokopik/CVE-2024-31380-POC
https://github.com/fkie-cad/nvd-json-data-feeds
https://github.com/nomi-sec/PoC-in-GitHub

1.2 KiB Raw Blame History

CVE-2024-31380

Description

POC

Reference

Github

1.2 KiB

Raw Blame History