CVE-2024-54214
CVSS 3.1 Score 10 of 10 (high)
Details
Published Dec 6, 2024
Updated: Dec 20, 2024
CWE ID 434
Summary
CVE-2024-54214 is a newly identified vulnerability affecting the Revy component of Roninwp. This issue involves an Unrestricted File Upload vulnerability, where an attacker can upload a dangerous file type, such as a web shell, to a web server. The flaw exists in Revy versions from n/a to 1.18, posing a significant risk to affected systems. Successful exploitation could lead to unauthorized access, data theft, or even server takeover. Users are strongly advised to update to the latest version of Revy or consider alternative solutions to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share