CVE-2024-50848

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 18, 2024

Updated: Nov 19, 2024

CWE ID 611

Summary

CVE-2024-50848 is a newly identified XML External Entity (XXE) vulnerability that affects the Import object and Translation Memory import functionalities of WorldServer v11.8.2. Maliciously crafted .tmx files can be used to exploit this weakness, granting attackers unauthorized access to sensitive information and the ability to execute arbitrary commands. This vulnerability poses a significant risk to systems utilizing the affected version of WorldServer and highlights the importance of keeping software up-to-date with security patches.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

WorldServer

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/z7SU5X
https://www.cve.org/CVERecord?id=CVE-2024-50848
https://nvd.nist.gov/vuln/detail/CVE-2024-50848

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2024-50848

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations