admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-07 13:36:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-85xx/CVE-2024-8537.json
cad-safe-bot 45c9d5d76c Auto-Update: 2025-03-23T03:00:20.104511+00:00
2025-03-23 03:03:54 +00:00

60 lines
2.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-8537",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:42.970",
"lastModified": "2025-03-20T10:15:42.970",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability exists in the modelscope/agentscope application, affecting all versions. The vulnerability is present in the /delete-workflow endpoint, allowing an attacker to delete arbitrary files from the filesystem. This issue arises due to improper input validation, enabling the attacker to manipulate file paths and delete sensitive files outside of the intended directory."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de path traversal en la aplicaci\u00f3n modelscope/agentscope, que afecta a todas las versiones. La vulnerabilidad est\u00e1 presente en el endpoint /delete-workflow, lo que permite a un atacante eliminar archivos arbitrarios del sistema de archivos. Este problema surge debido a una validaci\u00f3n de entrada incorrecta, lo que permite al atacante manipular las rutas de los archivos y eliminar archivos confidenciales fuera del directorio previsto."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-29"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/eeb8aa4b-e6e5-465c-b0dd-aa97e3b7dc09",
"source": "security@huntr.dev"
}
]
}
Reference in New Issue View Git Blame Copy Permalink