CVE-2024-29859 | MISP up to 2.4.186 EventsController.php add_misp_export unrestricted upload

Inserito da Angelo Barbosa | Mar 21, 2024 | CVE

A vulnerability was found in MISP up to 2.4.186 and classified as problematic. This issue affects the function add_misp_export of the file app/Controller/EventsController.php. The manipulation leads to unrestricted upload.

The identification of this vulnerability is CVE-2024-29859. Access to the local network is required for this attack. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-29859 | MISP up to 2.4.186 EventsController.php add_misp_export unrestricted upload

Post correlati

CVE-2024-1344 | LaborOfficeFree 19.10 LOF_service.exe hard-coded credentials

CVE-2024-30189 | Siemens SCALANCE W788-2 RJ45 Wi-Fi Queue authentication spoofing (ssa-457702)

CVE-2023-49078 | zediious raptor-web 0.4.4 Link cross site scripting (GHSA-8r6g-fhh4-xhmq)

CVE-2024-21470 | Qualcomm Snapdragon Graphics memory corruption