CVE-2024-37759 | DataGear up to 5.0.0 SpEL Expression injection (Issue 32)

Inserito da Angelo Barbosa | Giu 25, 2024 | CVE

A vulnerability was found in DataGear up to 5.0.0. It has been classified as critical. This affects an unknown part of the component SpEL Expression Handler. The manipulation leads to injection.

This vulnerability is uniquely identified as CVE-2024-37759. Access to the local network is required for this attack to succeed. There is no exploit available.

CVE-2024-37759 | DataGear up to 5.0.0 SpEL Expression injection (Issue 32)

Post correlati

CVE-2024-34946 | Tenda FH1206 1.2.0.8 ip/goform/DhcpListClient page stack-based overflow

CVE-2024-28581 | FreeImage 3.19.0 r1909 TARGA Image _assignPixel buffer overflow

CVE-2024-40038 | idcCMS 1.35 userScore_deal.php cross-site request forgery

CVE-2024-28519 | MicroWorld eScan Antivirus 4.0.0.49 Kernel ProcObsrvesx.sys Privilege Escalation