5 matches found
CVE-2024-55570
creationtimestamp| type| source ---|---|--- 2025-03-03 16:30:31+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6227 2025-03-03 18:44:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ljim7hxg652a...
CVE-2024-55570
/api/user/users in the web GUI for the Cubro EXA48200 network packet broker build 20231025055018 fixed in V5.0R14.5P4-V3.3R1 allows remote authenticated users of the application to increase their privileges by sending a single HTTP PUT request with rolename=Administrator, aka incorrect access...
CVE-2024-55570
/api/user/users in the web GUI for the Cubro EXA48200 network packet broker build 20231025055018 fixed in V5.0R14.5P4-V3.3R1 allows remote authenticated users of the application to increase their privileges by sending a single HTTP PUT request with rolename=Administrator, aka incorrect access...
CVE-2024-55570
/api/user/users in the web GUI for the Cubro EXA48200 network packet broker build 20231025055018 fixed in V5.0R14.5P4-V3.3R1 allows remote authenticated users of the application to increase their privileges by sending a single HTTP PUT request with rolename=Administrator, aka incorrect access...
CVE-2024-55570
CVE-2024-55570 affects Cubro EXA48200 network packet broker UI: /api/user/users allows remote authenticated users to elevate privileges by sending a single HTTP PUT with rolename=Administrator (improper access control). Affected build: 20231025055018; fixed in V5.0R14.5P4-V3.3R1. CVSS 3.1 base sc...