CVE-2024-51365
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Nov 21, 2024
Updated: Dec 4, 2024
CWE ID 434
Summary
CVE-2024-51365 is a newly identified vulnerability in VisiCut v2.1. This issue stems from the importSettings method, which contains an arbitrary file upload flaw. By uploading a specially crafted Zip file, attackers can exploit this vulnerability to execute arbitrary code. The vulnerability poses a significant risk, as it can lead to unauthorized system access and potential data breaches. Users are strongly advised to update VisiCut to a patched version as soon as possible to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share