CVE-2024-28033
CVE-2024-28033
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7.3EPSS 1.0%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
26 mar 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
OS command injection vulnerability exists in WebProxy 1.7.8 and 1.7.9, which may allow a remote unauthenticated attacker to execute an arbitrary OS command with the privilege of the running web server. Note that the developer was unreachable, therefore, users should consider stop using WebProxy 1.7.8 and 1.7.9.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Productos afectados
LunarNight Laboratory · WebProxyReferencias
https://jvn.jp/en/jp/JVN22376992/