← voltar
CVE-2024-40518

CVE-2024-40518

CVSS 7.2 HIGHEPSS 1.2%CWE-20
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 7.2EPSS 1.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
12 jul 2024Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is caused by admin_weixin.php directly splicing and writing the user input data into weixin.php without processing it, which allows authenticated attackers to exploit the vulnerability to execute arbitrary commands and obtain system permissions.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
n/a · n/a