CVE-2024-57609

CVSS 3.1 Score 8.6 of 10 (high)

Details

Published Feb 6, 2025

Updated: Feb 10, 2025

CWE ID 94

Summary

CVE-2024-57609 is a vulnerability affecting Pygwalker, a product by Kanaries Inc, before version 0.4.9.9. This issue enables a remote attacker to gain access to sensitive information and execute arbitrary code through manipulation of the redirect_path parameter in the login redirection function. Successful exploitation of this vulnerability could lead to significant data breaches and unauthorized system access. Pygwalker users are strongly encouraged to update to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2T-2E7
https://www.cve.org/CVERecord?id=CVE-2024-57609
https://nvd.nist.gov/vuln/detail/CVE-2024-57609

Back to Vulnerability Database

CVE-2024-57609

CVSS 3.1 Score 8.6 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations