CVE-2024-7551

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Aug 6, 2024
Updated: Aug 12, 2024
CWE ID 22

Summary

CVE-2024-7551 is a newly disclosed vulnerability affecting juzaweb CMS versions up to 3.4.2. This issue, classified as problematic, impacts an unnamed function within the /admin-cp/theme/editor/default component's Theme Editor file. The manipulation results in a path traversal, potentially allowing remote attackers to exploit this vulnerability. The exploit has been made public, increasing the risk of potential attacks. Vendor response has been lacking, as they have not addressed this issue despite being notified early on. (VDB-273696)

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share