← voltar
CVE-2024-57055

CVE-2024-57055

CVSS 5 MEDIUMEPSS 0.2%CWE-306
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 5EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
18 fev 2025Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Server-Side Access Control Bypass vulnerability in WombatDialer before 25.02 could allow unauthorized users to potentially call certain services without the necessary access level. This issue is limited to services used by the client (not the general-use JSON services) and requires reverse engineering of the proprietary serialization protocol, making it difficult to exploit.
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Produtos afetados
n/a · n/a