CVE-2024-25626 | Yocto Project poky up to 3.1.30/4.0.15/4.3.1 HTTP os command injection (GHSA-75xw-78mm-72r4)

Posted by Angelo Barbosa | Feb 20, 2024 | CVE

A vulnerability classified as critical was found in Yocto Project poky up to 3.1.30/4.0.15/4.3.1. This vulnerability affects unknown code of the component HTTP Handler. The manipulation leads to os command injection.

This vulnerability was named CVE-2024-25626. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-25626 | Yocto Project poky up to 3.1.30/4.0.15/4.3.1 HTTP os command injection (GHSA-75xw-78mm-72r4)

Related Posts

CVE-2024-1273 | Starbox Plugin up to 3.4.x on WordPress cross site scripting

CVE-2023-6766 | PHPGurukul Teacher Subject Allocation Management System 1.0 Delete Course /admin/course.php delid cross-site request forgery

CVE-2024-42584 | Warehouse Inventory System 2.0 delete_product.php cross-site request forgery

CVE-2024-5428 | SourceCodester Simple Online Bidding System 1.0 HTTP POST Request index.php save_product cross-site request forgery