CVE-2024-55506

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Dec 18, 2024
Updated: Dec 26, 2024
CWE ID 639

Summary

CVE-2024-55506 is an Insecure Direct Object Reference (IDOR) vulnerability affecting CodeAstro Complaint Management System v1.0 with no updates installed. An attacker can exploit it by manipulating the id parameter in the delete.php file, enabling them to execute arbitrary code and gain unauthorized access to sensitive information. The vulnerability poses a significant risk, as an attacker can leverage it to perform malicious actions such as data theft or system compromise. CodeAstro is advised to apply the necessary patches or updates to mitigate this issue and secure their system.
