CVE-2024-9513
CVSS 3.1 Score 3.7 of 10 (low)
Details
Summary
CVE-2024-9513 is a vulnerability found in Netadmin Software's NetAdmin IAM versions up to 3.5, specifically affecting an unspecified functionality of the HTTP POST Request Handler related to the file /controller/api/Answer/ReturnUserQuestionsFilled. The vulnerability arises from improper handling of the username argument, which can lead to information exposure. Although the attack can be executed remotely, it has a high complexity level, making exploitation difficult. The vendor is aware of the issue and plans to release a fix by mid-October 2024. Organizations using affected products such as zL5-4R and zLl-K9 should monitor for updates and apply remediation promptly due to the low confidentiality impact associated with this flaw.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.