CVE-2024-29859 | MISP up to 2.4.186 EventsController.php add_misp_export unrestricted upload

Inserito da Angelo Barbosa | Mar 21, 2024 | CVE

A vulnerability was found in MISP up to 2.4.186 and classified as problematic. This issue affects the function add_misp_export of the file app/Controller/EventsController.php. The manipulation leads to unrestricted upload.

The identification of this vulnerability is CVE-2024-29859. Access to the local network is required for this attack. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-29859 | MISP up to 2.4.186 EventsController.php add_misp_export unrestricted upload

Post correlati

CVE-2024-39962 | D-Link DIR-823X AX3000 21_D240126 HTTP Request /goform/set_ntp ntp_zone_val Privilege Escalation

CVE-2023-51614 | D-Link DIR-X3260 prog.cgi SetQuickVPNSettings stack-based overflow

CVE-2024-27674 | Macro Expert up to 4.9.4 MacroService.exe default permission

CVE-2024-2903 | Tenda AC7 15.03.06.44 GetParentControlInfo mac stack-based overflow