CVE-2024-12989 | WISI Tangram GT31 up to 20241214 HTTP Request server-side request forgery

A vulnerability was found in WISI Tangram GT31 up to 20241214 and classified as problematic. Affected by this issue is some unknown functionality of the component HTTP Request Handler. The manipulation leads to server-side request forgery.

This vulnerability is handled as CVE-2024-12989. The attack may be launched remotely. There is no exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

It is recommended to apply restrictive firewalling.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-12989 | WISI Tangram GT31 up to 20241214 HTTP Request server-side request forgery

Post correlati

CVE-2024-35729 | Tickera Plugin up to 3.5.2.6 on WordPress authorization

CVE-2024-2087 | Brizy Plugin up to 2.4.43 on WordPress Form cross site scripting

CVE-2024-3081 | EasyCorp EasyAdmin up to 4.8.9 Autocomplete autocomplete.js item cross site scripting (5971/6067)

CVE-2024-0257 | RoboDK on 64-bit Win Project File heap-based overflow (icsa-24-107-04)