CVE-2024-53477

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published: Dec 2, 2024
Updated: Dec 11, 2024
CWE ID 502

Summary

CVE-2024-53477: A critical vulnerability has been identified in JFinal CMS version 5.1.0. Attackers can exploit this issue to execute arbitrary commands through unauthorized deserialization in the file ApiForm.java. The vulnerability poses a significant risk because it allows attackers to gain administrative access to, and control over, affected systems. Users are strongly advised to update their JFinal CMS installations to a secure version to mitigate this threat. Leaving the vulnerability unpatched may result in data theft, system compromise, or other malicious activity.
