CVE-2024-50707

Critical CVSS: 10.0

Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary code via the X-Forwarded-For header in an HTTP GET request.

Vendor

Uniguest

Product

Tripleplay

CWE

CWE-94

Yayın Tarihi

2025-03-04 16:15:35

Güncelleme

2025-05-28 17:27:58

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-94 Tripleplay CRITICAL Uniguest 2025

Referanslar

https://uniguest.com/cve-bulletins/ https://uniguest.com/wp-content/uploads/2025/02/CVE-2024-50707-Vulnerability-Summary.pdf

Benzer Kayıtlar

Critical

CVE-2024-50704

Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to exec…

High

CVE-2024-50705

Unauthenticated reflected cross-site scripting (XSS) vulnerability in Uniguest Tripleplay before 24.2.1 allows remote at…

Critical

CVE-2024-50706

Unauthenticated SQL injection vulnerability in Uniguest Tripleplay version 23.1+ allows remote attackers to execute arbi…