CVE-2024-33120
CVE-2024-33120
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9.8EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
07 May 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Roothub v2.5 was discovered to contain an arbitrary file upload vulnerability via the customPath parameter in the upload() function. This vulnerability allows attackers to execute arbitrary code via a crafted JSP file.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a