CVE-2024-54374

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 16, 2024

CWE ID 22

Summary

CVE-2024-54374 is a newly identified vulnerability that affects the Sabri Taieb Sogrid software from undisclosed versions up to 1.5.6. This issue involves an improper limitation of a pathname that enables a Path Traversal attack. An attacker can exploit this vulnerability to include arbitrary PHP files on the targeted system, increasing the risk of data theft or server takeover. This security flaw should be addressed promptly by users of the Sogrid software to prevent potential exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/1KJlow
https://www.cve.org/CVERecord?id=CVE-2024-54374
https://nvd.nist.gov/vuln/detail/CVE-2024-54374

Back to Vulnerability Database

CVE-2024-54374

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations