Lucene search

K
vulnrichmentMitreVULNRICHMENT:CVE-2024-27707
HistoryMar 07, 2024 - 12:00 a.m.

CVE-2024-27707

2024-03-0700:00:00
mitre
github.com
2
cve-2024-27707
server side request forgery
huly platform
arbitrary code
svg file upload

AI Score

7.7

Confidence

Low

SSVC

Exploitation

poc

Automatable

no

Technical Impact

partial

Server Side Request Forgery (SSRF) vulnerability in hcengineering Huly Platform v.0.6.202 allows attackers to run arbitrary code via upload of crafted SVG file.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:hcengineering:huly:0.6.202:*:*:*:*:*:*:*"
    ],
    "vendor": "hcengineering",
    "product": "huly",
    "versions": [
      {
        "status": "affected",
        "version": "0.6.202"
      }
    ],
    "defaultStatus": "unknown"
  }
]

AI Score

7.7

Confidence

Low

SSVC

Exploitation

poc

Automatable

no

Technical Impact

partial

Related for VULNRICHMENT:CVE-2024-27707