CVE-2024-34453 | TwoNav 2.1.13 index.php url server-side request forgery

Inserito da Angelo Barbosa | Mag 3, 2024 | CVE

A vulnerability classified as critical has been found in TwoNav 2.1.13. Affected is an unknown function of the file index.php?c=api&method=read_data&type=connectivity_test. The manipulation of the argument url leads to server-side request forgery.

This vulnerability is traded as CVE-2024-34453. The attack needs to be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-34453 | TwoNav 2.1.13 index.php url server-side request forgery

Post correlati

CVE-2024-1580 | VideoLAN dav1d up to 1.3.x AV1 Decoder integer overflow

CVE-2023-46740 | CubeFS up to 3.3.0 random values

CVE-2024-34424 | iePlexus Featured Content Gallery Plugin up to 3.2.0 on WordPress cross site scripting

CVE-2024-2639 | Bdtask Wholesale Inventory Management System up to 20240311 session fixiation