CVE-2024-54662

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Dec 17, 2024

Updated: Dec 18, 2024

CWE ID 863

Summary

CVE-2024-54662 is a vulnerability affecting Dante version 1.4.0 through 1.4.3. This issue arises due to incorrect access control in certain sockd.conf configurations concerning socksmethod. A successful exploit could result in unauthorized access or privileged actions within the affected system. It is recommended that users upgrade to Dante version 1.4.4 as soon as possible to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Dante Zing

Affected Vendors

Inferno Nettverk A/S

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/1OUhkX
https://www.cve.org/CVERecord?id=CVE-2024-54662
https://nvd.nist.gov/vuln/detail/CVE-2024-54662

Back to Vulnerability Database