admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-397xx/CVE-2024-39787.json
cad-safe-bot 4a301a0f3d Auto-Update: 2025-01-19T03:00:20.175811+00:00
2025-01-19 03:03:47 +00:00

60 lines
2.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-39787",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2025-01-14T15:15:23.927",
"lastModified": "2025-01-14T15:15:23.927",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A directory traversal vulnerability exists within the `disk_part` POST parameter."
},
{
"lang": "es",
"value": "Existen m\u00faltiples vulnerabilidades Directory Traversal en la funcionalidad add_dir() de nas.cgi de Wavlink AC3000 M33A8.V5030.210505. Una solicitud HTTP manipulada especialmente puede provocar la omisi\u00f3n de permisos. Un atacante puede realizar una solicitud HTTP autenticada para activar estas vulnerabilidades. Existe una vulnerabilidad de Directory Traversal dentro del par\u00e1metro POST `disk_part`."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2057",
"source": "talos-cna@cisco.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink