CVE-2024-31705

2024-04-2900:00:00

mitre

www.cve.org

cve-2024-31705

infotel conseil

glpi

remote code execution

user input validation

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON

An issue in Infotel Conseil GLPI v.10.X.X and after allows a remote attacker to execute arbitrary code via the insufficient validation of user-supplied input.

References

github.com/V3locidad/GLPI_POC_Plugins_Shell

seclists.org/fulldisclosure/2024/Apr/23