Lucene search
K

4 matches found

NVD
NVD
added 2024/12/20 8:15 p.m.16 views

CVE-2024-56331

Uptime Kuma is an open source, self-hosted monitoring tool. An Improper URL Handling Vulnerability allows an attacker to access sensitive local files on the server by exploiting the file:/// protocol. This vulnerability is triggered via the "real-browser" request type, which takes a screenshot of...

6.8CVSS0.01793EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/12/20 7:48 p.m.9 views

CVE-2024-56331 Local File Inclusion (LFI) via Improper URL Handling in uptime-kuma's `Real-Browser` monitor

Uptime Kuma is an open source, self-hosted monitoring tool. An Improper URL Handling Vulnerability allows an attacker to access sensitive local files on the server by exploiting the file:/// protocol. This vulnerability is triggered via the "real-browser" request type, which takes a screenshot of...

6.8CVSS6.6AI score0.01793EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/20 7:48 p.m.21 views

CVE-2024-56331 Local File Inclusion (LFI) via Improper URL Handling in uptime-kuma's `Real-Browser` monitor

Uptime Kuma is an open source, self-hosted monitoring tool. An Improper URL Handling Vulnerability allows an attacker to access sensitive local files on the server by exploiting the file:/// protocol. This vulnerability is triggered via the "real-browser" request type, which takes a screenshot of...

6.8CVSS0.01793EPSS
Exploits0References2
CVE
CVE
added 2024/12/20 7:48 p.m.94 views

CVE-2024-56331

CVE-2024-56331 affects Uptime Kuma’s real-browser monitor, enabling Local File Inclusion via file:/// URLs. The vulnerability arises from insufficient server-side validation of the URL input, allowing an authenticated user to trigger the browser to fetch and capture local files (e.g., /etc/passwd...

6.8CVSS6.5AI score0.01793EPSS
Exploits0References2
Rows per page
Query Builder