CVE-2024-11618

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Nov 22, 2024
CWE ID 918

Summary

CVE-2024-11618 is a newly disclosed critical vulnerability affecting the IPC Unigy Management System version 04.03.00.08.0027. The issue lies within the HTTP Request Handler component, which has an unknown functionality that is exploitable. This vulnerability enables an attacker to conduct server-side request forgery, allowing them to manipulate server requests remotely. The exploit for this vulnerability has been made public, increasing the risk for potential attacks. Despite early disclosure to the vendor, they have not responded or taken any action to address the issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share