Lucene search
HistoryJun 14, 2024 - 6:15 p.m.
CVE-2024-24320
cve-2024-24320
directory traversal
mgt-commerce cloudpanel
remote attacker
sensitive information
arbitrary code
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
31.3%
Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles function.
Affected configurations
Node
mgt-commercecloudpanelRange2.0.0–2.4.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mgt-commerce | cloudpanel | * | cpe:2.3:a:mgt-commerce:cloudpanel:*:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2024-24320
2024-06-14 18:15:27
cvelist
cvelist
CVE-2024-24320
2024-06-14 00:00:00
vulnrichment
vulnrichment
CVE-2024-24320
2024-06-14 00:00:00
osv
osv
CVE-2024-24320
2024-06-14 18:15:27
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
31.3%
Related for NVD:CVE-2024-24320