CVE-2024-57968 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload files to unintended folders (e.g., ones that are accessible during web browsing…
Critical KEV CVSS: 9.9

CVE-2024-57968

Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload files to unintended folders (e.g., ones that are accessible during web browsing by other users). upload.aspx can be used for this.
Vendor
Advantive
Product
Veracore
CWE
CWE-434
Yayın Tarihi
2025-02-03 20:15:36
Güncelleme
2025-11-04 16:38:38
Source Identifier
cve@mitre.org
KEV Date Added
2025-03-10

Kategoriler

CWE-434 Veracore CRITICAL Advantive 2025

Referanslar

https://advantive.my.site.com/support/s/article/VeraCore-Release-Notes-2024-4-2-1 https://intezer.com/blog/research/xe-group-exploiting-zero-days/ https://www.solissecurity.com/en-us/insights/xe-group-from-credit-card-skimming-to-exploiting-zero-days/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-57968