CVE-2024-9142

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 25, 2024

Updated: Oct 14, 2024

CWE ID 732

CWE ID 73

Summary

CVE-2024-9142 is a newly disclosed vulnerability affecting the e-Belediye software by Olgu Computer Systems. This issue involves an improper file permission assignment, leading to External Control of File Name or Path. Hackers can exploit this vulnerability by manipulating web input to execute file system calls. Consequently, attackers can potentially gain unauthorized access to critical resources. This security flaw affects e-Belediye versions prior to 2.0.642, making it essential for organizations using this software to apply the available patch promptly.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/y6Za-S
https://www.cve.org/CVERecord?id=CVE-2024-9142
https://nvd.nist.gov/vuln/detail/CVE-2024-9142

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

Know What Matters

For Customers

For Partners

CVE-2024-9142

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations