CVE-2024-42362 | Apache HertzBeat up to 1.5.x /api/monitors/import deserialization (GHSL-2023-254)

Posted by Angelo Barbosa | Aug 21, 2024 | CVE

A vulnerability, which was classified as very critical, was found in Apache HertzBeat up to 1.5.x. Affected is an unknown function of the file /api/monitors/import. The manipulation leads to deserialization.

This vulnerability is traded as CVE-2024-42362. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-42362 | Apache HertzBeat up to 1.5.x /api/monitors/import deserialization (GHSL-2023-254)

Related Posts

CVE-2024-36962 | Linux Kernel up to 6.1.90/6.6.30/6.8.9 on KS8851 ks8851 local_bh_disable/local_bh_enable Privilege Escalation

CVE-2024-29454 | ROS2 Humble Hawksbill improper authorization

CVE-2023-50207 | D-Link G416 flupl command injection (ZDI-23-1823)

CVE-2024-37985 | ARM CPU information disclosure