logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2024-24122

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2024-24122

Description:
A remote code execution vulnerability in the project management of Wanxing Technology's Yitu project which allows an attacker to use the exp.adpx file as a zip compressed file to construct a special file name, which can be used to decompress the project file into the system startup folder, restart the system, and automatically execute the constructed attack script.
Last updated date:
11/13/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
11/13/2024
Reference url to background

https://github.com/zty007666/Shenzhen-Yitu-Software-Yitu-Project-Management-Software/tree/0215da8db607824bc9523ce7532f8fc53ba1b40a/Remote%20Code%20Execution%20Vulnerability_02

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy