CVE-2024-11948
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Dec 12, 2024
Updated: Dec 13, 2024
Summary
CVE-2024-11948 is a remote code execution vulnerability affecting GFI Archiver due to the use of a vulnerable version of Telerik Web UI in the product installer. This issue permits attackers to execute arbitrary code on affected installations without requiring authentication. The exploit runs in the context of NETWORK SERVICE, increasing the potential impact of the attack. This vulnerability, previously identified as ZDI-CAN-24041, poses a significant risk to organizations using GFI Archiver.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- GFI Archiver
Affected Vendors
- Inetum