CVE-2024-11998

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 30, 2024
Updated: Dec 4, 2024
CWE ID 89
CWE ID 74

Summary

CVE-2024-11998 is a newly disclosed critical vulnerability affecting the Farmacia 1.0 software. The issue lies within the /visualizer-fornecedor.chp file and permits sql injection through manipulation of the id argument. An attacker can initiate this exploit remotely, making it a significant threat. The vulnerability has been made public, increasing the risk of potential exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share