CVE-2024-10435 | didi Super-Jacoco 1.0 /cov/triggerEnvCov uuid command injection

Inserito da Angelo Barbosa | Ott 27, 2024 | CVE

A vulnerability was found in didi Super-Jacoco 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /cov/triggerEnvCov. The manipulation of the argument uuid leads to command injection.

This vulnerability was named CVE-2024-10435. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-10435 | didi Super-Jacoco 1.0 /cov/triggerEnvCov uuid command injection

Post correlati

CVE-2023-49801 | Lif-Platforms Lif-Auth-Server up to 1.3.x get_pfp/get_banner path traversal (GHSA-3v77-pvqq-qg3f)

CVE-2024-31616 | Ruijie common_quick_config.lua Privilege Escalation

CVE-2024-28395 | Best-Kit bestkit_popup up to 1.7.2 on PrestaShop bestkit_popup.php sql injection

CVE-2024-30603 | Tenda FH1203 2.0.1.6 saveParentControlInfo urls stack-based overflow