CVE-2024-1005 | Shanxi Diankeyun Technology NODERP up to 6.0.2 /runtime/log file access

Posted by Angelo Barbosa | Jan 29, 2024 | CVE

A vulnerability has been found in Shanxi Diankeyun Technology NODERP up to 6.0.2 and classified as critical. This vulnerability affects unknown code of the file /runtime/log. The manipulation leads to files or directories accessible.

This vulnerability was named CVE-2024-1005. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-1005 | Shanxi Diankeyun Technology NODERP up to 6.0.2 /runtime/log file access

Related Posts

CVE-2024-2051 | Schneider Electric Easergy T200 excessive authentication (SEVD-2024-072-01)

CVE-2024-37826 | vercot Serva 4.6.0 HTTP Request null pointer dereference

CVE-2024-34069 | pallets werkzeug up to 3.0.2 cross-site request forgery (GHSA-2g68-c3qc-8985)

CVE-2024-8253 | Post Grid and Gutenberg Blocks Plugin 2.2.87/2.2.88/2.2.89/2.2.90 on WordPress Privilege Escalation