CVE-2024-47407

CVSS 3.1 Score 10 of 10 (high)

Details

Published Nov 22, 2024
CWE ID 78

Summary

CVE-2024-47407 is a newly identified vulnerability in myPRO Manager. This issue arises due to insufficient input validation for a command parameter. An unauthenticated remote attacker can exploit this vulnerability by injecting arbitrary operating system commands, potentially leading to significant security implications. This flaw is particularly concerning as it does not require any authentication, making it easier for attackers to gain unauthorized access and execute malicious code. myPRO Manager users are advised to apply patches and update their systems as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share