CVE-2024-37762

2024-07-0100:00:00

mitre

github.com

machform

version 21

file upload

vulnerability

remote code execution

AI Score

7.6

Confidence

Low

SSVC

Exploitation

poc

Automatable

Technical Impact

total

JSON

MachForm up to version 21 is affected by an authenticated unrestricted file upload which leads to a remote code execution.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:machform:machform:*:*:*:*:*:*:*:*"
    ],
    "vendor": "machform",
    "product": "machform",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "21",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

github.com/Atreb92/cve-2024-37762