CVE-2024-53824
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Dec 6, 2024
CWE ID 98
Summary
CVE-2024-53824 is a newly disclosed vulnerability that affects the AREOI All Bootstrap Blocks, a popular PHP extension. The flaw, classified as a PHP Remote File Inclusion (RFI) vulnerability, arises from the application's improper handling of filename control in include/require statements. Malicious actors can exploit this weakness to include and execute arbitrary local files, potentially leading to serious security consequences. The vulnerability impacts all versions of AREOI All Bootstrap Blocks, ranging from the unspecified initial release through 1.3.19.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share