CVE-2024-37767 | 14Finger 1.1 GET Request /api/admin/user permission (Issue 12)

Posted by Angelo Barbosa | Jul 5, 2024 | CVE

A vulnerability was found in 14Finger 1.1. It has been declared as problematic. This vulnerability affects unknown code of the file /api/admin/user of the component GET Request Handler. The manipulation leads to permission issues.

This vulnerability was named CVE-2024-37767. The attack can only be initiated within the local network. There is no exploit available.

CVE-2024-37767 | 14Finger 1.1 GET Request /api/admin/user permission (Issue 12)

Related Posts

CVE-2023-50630 | xiweicheng TMS 2.28.0 Click Here cross site scripting

CVE-2024-25951 | Dell Integrated Remote Access Controller 8 prior 2.85.85.85 improper validation of consistency within input (dsa-2024-089)

CVE-2024-41376 | dzzoffice 2.02.1 user/space/about.php path traversal (Issue 252)

CVE-2024-25976 | HAWKI LDAP Authentication login.php $_SERVER[‘PHP_SELF’] cross site scripting