CVE-2024-31705

2024-04-2918:15:07

[email protected]

web.nvd.nist.gov

cve-2024-31705

infotel conseil glpi

remote code execution

insufficient validation

user-supplied input

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON

An issue in Infotel Conseil GLPI v.10.X.X and after allows a remote attacker to execute arbitrary code via the insufficient validation of user-supplied input.

References

github.com/V3locidad/GLPI_POC_Plugins_Shell

seclists.org/fulldisclosure/2024/Apr/23