Lucene search
K

CVE-2024-31839

🗓️ 12 Apr 2024 00:00:00Reported by mitreType 
cve
 cve
🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 69 Views🌐 WEB

Security vulnerability in tiagorlampert CHAOS v.5.0.1 allows privilege escalation via sendCommandHandler function

Related
Detection
Refs
Paths
Social
NVD
Vulnrichment
Node
ParameterPositionPathDescriptionCWE
usernamerequest bodyauthLogin endpoint vulnerable to XSS/RCE chain through authenticated or JWT-based flow.CWE-79
passwordrequest bodyauthLogin endpoint vulnerable to XSS/RCE chain through authenticated or JWT-based flow.CWE-79
addressrequest bodygenerateEndpoint that crafts and sends payload to execute commands (RCE) and triggers XSS in response.CWE-79
portrequest bodygenerateEndpoint that crafts and sends payload to execute commands (RCE) and triggers XSS in response.CWE-79
os_targetrequest bodygenerateEndpoint that crafts and sends payload to execute commands (RCE) and triggers XSS in response.CWE-79
filenamerequest bodygenerateEndpoint that crafts and sends payload to execute commands (RCE) and triggers XSS in response.CWE-79
run_hiddenrequest bodygenerateEndpoint that crafts and sends payload to execute commands (RCE) and triggers XSS in response.CWE-79
hostnamerequest bodydeviceDevice checkin endpoint accepting JSON payload; can be abused to trigger XSS in responses.CWE-79
usernamerequest bodydeviceDevice checkin endpoint accepting JSON payload; can be abused to trigger XSS in responses.CWE-79
user_idrequest bodydeviceDevice checkin endpoint accepting JSON payload; can be abused to trigger XSS in responses.CWE-79
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 07:28Current
6.4Medium risk
Vulners AI Score6.4
CVSS 3.14.8
EPSS0.08104
SSVC
69