CVE-2024-1005 | Shanxi Diankeyun Technology NODERP up to 6.0.2 /runtime/log file access

Posted by Angelo Barbosa | Jan 29, 2024 | CVE

A vulnerability has been found in Shanxi Diankeyun Technology NODERP up to 6.0.2 and classified as critical. This vulnerability affects unknown code of the file /runtime/log. The manipulation leads to files or directories accessible.

This vulnerability was named CVE-2024-1005. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-1005 | Shanxi Diankeyun Technology NODERP up to 6.0.2 /runtime/log file access

Related Posts

CVE-2024-27417 | Linux Kernel up to 6.7.8 ipv6 inet6_rtm_getaddr memory leak

CVE-2024-2485 | Tenda AC18 15.03.05.05 /goform/SetSpeedWan formSetSpeedWan speed_dir stack-based overflow

CVE-2024-4449 | Essential Addons for Elementor Plugin up to 5.9.19 on WordPress Widgets cross site scripting

CVE-2024-4860 | RSS Aggregator Plugin up to 4.23.8 on WordPress GET Parameter notice_id cross site scripting