CVE-2024-45791 | Apache Hertzbeat up to 1.6.0 Query String information disclosure

Inserito da Angelo Barbosa | Nov 16, 2024 | CVE

A vulnerability classified as problematic has been found in Apache Hertzbeat up to 1.6.0. Affected is an unknown function of the component Query String Handler. The manipulation leads to information disclosure.

This vulnerability is traded as CVE-2024-45791. The attack needs to be approached within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-45791 | Apache Hertzbeat up to 1.6.0 Query String information disclosure

Post correlati

CVE-2024-5507 | Luxion KeyShot Viewer KSP File Parser stack-based overflow

CVE-2024-41808 | openobserve up to 0.9.1 cross site scripting (GHSA-hx23-g7m8-h76j)

CVE-2023-50927 | Contiki-NG 4.9 out-of-bounds (GHSA-9423-rgj4-wjfw)

CVE-2023-49835 | Post Duplicator Plugin up to 2.31 on WordPress mtphr_duplicate_post authorization