Vulnerability feed

Vulnerability

CVE-2024-8517

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2024-8517
Description:: SPIP before 4.3.2, 4.2.16, and 4.1.18 is vulnerable to a command injection issue. A remote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request.
Last updated date:: 09/18/2024

Type:: exploit
Confidence:: HIGH
Date of publishing:: 09/06/2024
Reference url to background: https://github.com/Chocapikk/CVE-2024-8517

Type:: exploit
Confidence:: HIGH
Date of publishing:: 09/08/2024
Reference url to background: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/spip_bigup_unauth_rce.rb

Type:: exploit
Confidence:: HIGH
Date of publishing:: 09/18/2024
Reference url to background: https://thinkloveshare.com/hacking/spip_preauth_rce_2024_part_2_a_big_upload/

Type:: exploit
Confidence:: HIGH
Date of publishing:: 09/18/2024
Reference url to background: https://vozec.fr/researchs/spip-preauth-rce-2024-big-upload/

Vulnerability Feed Contributors About Blog

@inTheWild

©2024 |