CVE-2024-41270

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Aug 6, 2024
Updated: Aug 12, 2024
CWE ID 327

Summary

CVE-2024-41270 is a vulnerability affecting the RunHTTPServer function in Gorush version 1.18.4. This issue enables attackers to intercept and potentially manipulate data due to the server's use of deprecated TLS versions. The vulnerability poses a significant risk as it exposes sensitive information to unauthorized access, making it crucial for users to upgrade to a secure and updated version of Gorush as soon as possible. Attackers can exploit this weakness by intercepting and modifying data in transit, leading to potential data breaches and unauthorized access to systems. Organizations and individuals using Gorush version 1.18.4 are encouraged to apply the necessary patches or updates promptly to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share