CVE-2024-9418

CVSS 3.0 Score 6.5 of 10 (medium)

Details

Published Mar 20, 2025

CWE ID 522

Summary

CVE-2024-9418 is a vulnerability affecting version 0.0.14 of transformeroptimus/superagi. This issue arises due to the `/api/users/get/{id}` endpoint returning user passwords in plaintext. An attacker can exploit this flaw to retrieve another user's password, potentially leading to account takeover. This vulnerability highlights the importance of secure password handling and timely software updates.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/zH3Ber
https://www.cve.org/CVERecord?id=CVE-2024-9418
https://nvd.nist.gov/vuln/detail/CVE-2024-9418

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Stimmen aus Moskau: Russian Influence Operations Target German Elections

2024 Malicious Infrastructure Report

2024 Annual Report

Know What Matters

For Customers

For Partners

CVE-2024-9418

CVSS 3.0 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations