Lucene search
+L

5 matches found

NVD
NVD
added 2024/12/30 9:15 p.m.14 views

CVE-2024-11944

iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of iXsystems TrueNAS devices. Authentication is not required to exploit this vulnerability. T...

8.8CVSS0.01599EPSS
Exploits0References2
Prion
Prion
added 2024/12/30 9:15 p.m.13 views

CVE-2024-11944

iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of iXsystems TrueNAS devices. Authentication is not required to exploit this vulnerability. T...

0.01599EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/30 8:12 p.m.27 views

CVE-2024-11944 iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability

iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of iXsystems TrueNAS devices. Authentication is not required to exploit this vulnerability. T...

7.5CVSS0.01599EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/12/30 8:12 p.m.14 views

CVE-2024-11944 iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability

iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of iXsystems TrueNAS devices. Authentication is not required to exploit this vulnerability. T...

7.5CVSS7.5AI score0.01599EPSS
Exploits0References2
CVE
CVE
added 2024/12/30 8:12 p.m.113 views

CVE-2024-11944

CVE-2024-11944 affects iXsystems TrueNAS CORE (tarfile.extractall). The flaw is lack of validation of a user-supplied path in tarfile.extractall, enabling directory traversal and remote code execution with root privileges on affected installations, exploitable by network-adjacent attacker without...

8.8CVSS7.9AI score0.01599EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder