CVE-2024-46625

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Dec 3, 2024
Updated: Dec 11, 2024
CWE ID 434

Summary

CVE-2024-46625 is an authenticated arbitrary file upload vulnerability affecting InfoDom Performa 365 v4.0.1. Attackers can exploit this vulnerability by uploading a specially crafted SVG file to the /documentCache/upload endpoint. Successful exploitation allows the attacker to execute arbitrary code, potentially leading to serious security consequences. This vulnerability poses a significant risk for organizations using InfoDom Performa 365 v4.0.1 and underscores the importance of updating software to mitigate known vulnerabilities.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share