CVE-2024-8338
CVSS 3.1 Score 6.3 of 10 (medium)
Details
Summary
CVE-2024-8338 is a critical vulnerability affecting HFO4 shudong-share version 2.4.7, specifically within the file handling functionality of /includes/fileReceive.php. This vulnerability allows for unrestricted file uploads, which can be exploited remotely due to its low attack complexity and minimal privileges required. Organizations using unsupported versions of this product are at risk, as the exploit has already been publicly disclosed. To remediate this issue, it is essential to upgrade to a supported version or apply relevant security patches if available. Failure to address this vulnerability could lead to potential integrity and availability impacts on organizational systems.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.