CVE-2024-57055
CVE-2024-57055
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
18 Feb 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Server-Side Access Control Bypass vulnerability in WombatDialer before 25.02 could allow unauthorized users to potentially call certain services without the necessary access level. This issue is limited to services used by the client (not the general-use JSON services) and requires reverse engineering of the proprietary serialization protocol, making it difficult to exploit.
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Affected products
n/a · n/a