Lucene search
CERT-PLCVELIST:CVE-2024-1577HistoryJun 12, 2024 - 1:47 p.m.
CVE-2024-1577 Remote Code Execution in MegaBIP
2024-06-1213:47:31
CWE-94
CERT-PL
www.cve.org
8
remote code execution
megabip
vulnerability
php code
authentication
server
website files
9.3 High
CVSS4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/SC:N/VI:H/SI:N/VA:H/SA:N/AU:Y/U:Amber/R:I/V:D/RE:M
0.0004 Low
EPSS
Percentile
15.6%
Remote Code Execution vulnerability in MegaBIP software allows to execute arbitrary code on the server without requiring authentication by savingΒ crafted by the attacker PHP code to one of the website files.Β This issue affects MegaBIP software versions through 5.11.2.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "MegaBIP",
"repo": "https://megabip.pl/pobierz/1",
"vendor": "Jan Syski",
"versions": [
{
"lessThanOrEqual": "5.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
vulnrichment
vulnrichment
CVE-2024-1577 Remote Code Execution in MegaBIP
2024-06-12 13:47:31
nvd
nvd
CVE-2024-1577
2024-06-12 14:15:10
cve
cve
CVE-2024-1577
2024-06-12 14:15:10
9.3 High
CVSS4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/SC:N/VI:H/SI:N/VA:H/SA:N/AU:Y/U:Amber/R:I/V:D/RE:M
0.0004 Low
EPSS
Percentile
15.6%
Related for CVELIST:CVE-2024-1577