CVE-2024-57602

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Feb 12, 2025

Updated: Feb 24, 2025

Summary

CVE-2024-57602 is a newly discovered vulnerability in the Alex Tselegidis EasyAppointments version 1.5.0. This issue enables a remote attacker to escalate privileges by exploiting a flaw in the index.php file. Successful exploitation could lead to significant security consequences, such as unauthorized access or system compromise. It is recommended that users update to the latest version of EasyAppointments to mitigate this risk. The precise nature of the vulnerability remains undisclosed to prevent potential attackers from exploiting it before affected users can apply the necessary patches.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2T9sfR
https://www.cve.org/CVERecord?id=CVE-2024-57602
https://nvd.nist.gov/vuln/detail/CVE-2024-57602

Back to Vulnerability Database

CVE-2024-57602

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations