CVE-2024-46054
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-46054 is a newly disclosed vulnerability affecting OpenVidReview version 1.0. This issue involves an Incorrect Access Control issue, where the /upload route is accessible without requiring authentication. Consequently, any unauthenticated user can take advantage of this vulnerability and upload files to the system, posing a significant risk to the security of the affected installation. Successful exploitation could result in unauthorized file modifications or data leakage. It is highly recommended that users of OpenVidReview 1.0 upgrade to a patched version as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.