CVE-2024-41570
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Aug 12, 2024
Updated: Aug 29, 2024
CWE ID 918
Summary
CVE-2024-41570 is a newly disclosed vulnerability that impacts Havoc 2 version 0.7. This issue permits unauthenticated attackers to execute Server-Side Request Forgeries (SSRF) against the affected system. The exploitation of this SSRF vulnerability allows malicious actors to send arbitrary network traffic from the targeted team server, potentially leading to data leakage or server misconfiguration. This poses a significant risk to organizations using Havoc 2 0.7 and highlights the importance of applying the necessary patches to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Mi-28N