CVE-2024-7551
CVSS 3.1 Score 4.9 of 10 (medium)
Details
Published Aug 6, 2024
Updated: Aug 12, 2024
CWE ID 22
Summary
CVE-2024-7551 is a newly disclosed vulnerability affecting juzaweb CMS versions up to 3.4.2. This issue, classified as problematic, impacts an unnamed function within the /admin-cp/theme/editor/default component's Theme Editor file. The manipulation results in a path traversal, potentially allowing remote attackers to exploit this vulnerability. The exploit has been made public, increasing the risk of potential attacks. Vendor response has been lacking, as they have not addressed this issue despite being notified early on. (VDB-273696)
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share