CVE-2024-47253

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Nov 5, 2024
Updated: Nov 7, 2024
CWE ID 22

Summary

CVE-2024-47253 is a recently disclosed Path Traversal vulnerability affecting versions 3.1.1.2 and earlier of 2N Access Commander. This issue grants administrative users the ability to write files outside of intended directories, potentially leading to Arbitrary Remote Code Execution (RCE). Importantly, this vulnerability cannot be exploited by users with lower privilege roles. Therefore, it poses a significant risk only to those with administrative access to systems running the affected software.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share