CVE-2024-12482
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Summary
CVE-2024-12482 is a recently disclosed vulnerability affecting the Database Backup Handler component in cjbi wetech-cms versions 1.0/1.1/1.2. This issue, rated as problematic, resides in the BackupFileUtil.java file located in the wetech-basic-common directory. The vulnerability enables attackers to traverse directories by manipulating the argument name, potentially granting them unauthorized access. This exploit can be executed remotely, increasing the severity of the risk. Unfortunately, the vendor has not responded to disclosure of this vulnerability, leaving affected systems potentially vulnerable to attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.