CVE-2024-9275
CVSS 3.1 Score 6.3 of 10 (medium)
Details
Summary
CVE-2024-9275 is a critical vulnerability found in the 123solar software by jeanmarc77, affecting versions up to 1.8.4.5. The vulnerability arises from improper handling of the PROTOCOLx argument in the /admin/admin_invt2.php file, which allows for remote file inclusion attacks. To mitigate this risk, organizations should upgrade to a patched version of the software as soon as possible, while ensuring that proper access controls are in place to limit exposure. The potential dangers include unauthorized access and manipulation of files, which can compromise the integrity and confidentiality of sensitive data. This vulnerability has been publicly disclosed, increasing the likelihood of exploitation by malicious actors.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.