← volver
CVE-2024-58278

IndigoSTAR Software - perl2exe <= V30.10C - Arbitrary Code Execution

CVSS 8.5 HIGHEPSS 0.2%CWE-78
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 8.5EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
04 dic 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
perl2exe <= V30.10C contains an arbitrary code execution vulnerability that allows local authenticated attackers to execute malicious scripts. Attackers can control the 0th argument of packed executables to execute another executable, allowing them to bypass restrictions and gain unauthorized access.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N