Lucene search
MitreCVE-2024-27758HistoryMar 12, 2024 - 4:15 p.m.
CVE-2024-27758
2024-03-1216:15:08
CWE-306
mitre
web.nvd.nist.gov
64
cve-2024-27758
rpyc
remote code execution
nvd
security vulnerability
CVSS3
8.4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.3
Confidence
Low
EPSS
0
Percentile
9.0%
In RPyC before 6.0.0, when a server exposes a method that calls the attribute named array for a client-provided netref (e.g., np.array(client_netref)), a remote attacker can craft a class that results in remote code execution.
Related
ubuntucve
ubuntucve
CVE-2024-27758
2024-03-12 00:00:00
nessus
nessus
openSUSE 15 Security Update : python-rpyc (openSUSE-SU-2024:0082-1)
2024-03-16 00:00:00
vulnrichment
vulnrichment
CVE-2024-27758
2024-03-12 00:00:00
osv
osv
PYSEC-2024-44
2024-03-12 16:15:00
RPyC's missing security check results in code execution when using numpy.array on the server-side.
2024-03-06 17:05:30
CVE-2024-27758
2024-03-12 16:15:08
debiancve
debiancve
CVE-2024-27758
2024-03-12 16:15:08
openvas
openvas
openSUSE: Security Advisory for python (openSUSE-SU-2024:0082-1)
2024-03-25 00:00:00
nvd
nvd
CVE-2024-27758
2024-03-12 16:15:08
cvelist
cvelist
CVE-2024-27758
2024-03-12 00:00:00
prion
prion
Remote code execution
2024-03-12 16:15:00
veracode
veracode
Arbitrary Code Execution
2024-03-07 07:10:43
redhatcve
redhatcve
CVE-2024-27758
2024-03-12 20:08:08
github
github
CVSS3
8.4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.3
Confidence
Low
EPSS
0
Percentile
9.0%
Related for CVE-2024-27758