CVE-2024-57687
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-57687 is a newly discovered vulnerability affecting the PHPGurukul Land Record System version 1.0. The issue resides in the /landrecordsys/admin/dashboard.php file, where a OS Command Injection flaw is present. By exploiting this vulnerability through the "Cookie" GET request parameter, an unauthorized attacker can execute arbitrary code remotely. This vulnerability poses a significant risk and requires immediate attention from users running the affected software. It is recommended to upgrade to the latest version or apply the necessary patches to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Phpgurukul Land Record System