CVE-2024-56283
CVSS 3.1 Score 8.1 of 10 (high)
Details
Published Jan 7, 2025
CWE ID 502
Summary
CVE-2024-56283 is a deserialization vulnerability affecting the Locatoraid Store Locator from version n/a to 3.9.50 on plainware.com. An attacker can inject objects into the application, potentially leading to unauthorized access or system compromise. The flaw arises when the software fails to validate and sanitize user-supplied data before deserialization. This vulnerability poses a significant risk to affected systems and requires immediate remediation.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share