Lucene search
+L

5 matches found

Nuclei
Nuclei
added 10 hours ago14 views

Jan v0.4.12 'readFileSync' - Path Traversal

Jan v0.4.12 was discovered to contain an arbitrary file read vulnerability via the /v1/app/readFileSync interface. id: CVE-2024-36857 info: name: Jan v0.4.12 'readFileSync' - Path Traversal author: Yusuf Amr severity: high description: | Jan v0.4.12 was discovered to contain an arbitrary file rea...

7.5CVSS5.4AI score0.02054EPSS
Exploits1References2
Circl
Circl
added 2025/02/02 12:0 a.m.18 views

CVE-2024-36857

creationtimestamp| type| source ---|---|--- 2025-02-02 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-02-02 2025-02-08 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-02-08 2025-02-14 00:00:00+00:00| seen| The Shadowserver...

7.5CVSS5.7AI score0.02054EPSS
In wildExploits1References5
NVD
NVD
added 2024/06/04 7:20 p.m.35 views

CVE-2024-36857

Jan v0.4.12 was discovered to contain an arbitrary file read vulnerability via the /v1/app/readFileSync interface...

7.5CVSS7.1AI score0.02054EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/06/04 6:26 p.m.11 views

CVE-2024-36857

Jan v0.4.12 was discovered to contain an arbitrary file read vulnerability via the /v1/app/readFileSync interface...

7.6AI score0.02054EPSS
Exploits1References1
CVE
CVE
added 2024/06/04 6:26 p.m.67 views

CVE-2024-36857

CVE-2024-36857 affects Jan v0.4.12, which contains an arbitrary file read vulnerability exposed through the /v1/app/readFileSync interface. The connected template details a path traversal flaw that allows unauthenticated attackers to read arbitrary files on the system, via a vulnerable readFileSy...

7.5CVSS7.7AI score0.02054EPSS
In wildExploits1References1Affected Software1
Rows per page
Query Builder