4 matches found
CVE-2024-6396
A vulnerability in the backuprun function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. The vulnerability arises due to improper handling of the runhash and repo.path parameters, which can be manipulated to create an...
CVE-2024-6396
creationtimestamp| type| source ---|---|--- 2024-07-12 02:41:34+00:00| seen| https://t.me/cvedetector/700 2025-02-01 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2025-02-01 2025-02-06 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilitie...
CVE-2024-6396
A vulnerability in the backuprun function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. The vulnerability arises due to improper handling of the runhash and repo.path parameters, which can be manipulated to create an...
CVE-2024-6396
An vulnerability in the _backup_run function of aimhubio/aim 3.19.3 allows remote attackers to manipulate run_hash and repo.path to create/write arbitrary files on the host and exfiltrate data, with potential for denial of service, data loss, or remote code execution. Confirmed by connected sourc...