CVE-2024-8409
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2024-8409 is a high-severity vulnerability found in ABCD ABCD2 versions up to 2.2.0-beta-1, affecting the file /common/show_image.php. This vulnerability allows for path traversal attacks through manipulation of the 'image' argument, enabling remote exploitation without authentication or user interaction. The confidentiality impact is rated high, as it may allow unauthorized access to sensitive files. Remediation steps are not specified, and the vendor has not responded to early disclosures regarding this issue. Organizations using affected products such as yZIDPl, yZIGa2, and yZIGa3 are urged to assess their exposure and implement necessary security measures immediately.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.