CVE-2024-10068 | OpenSight Software FlashFXP 5.4.0.3970 FlashFXP.exe uncontrolled search path

Posted by Angelo Barbosa | Oct 17, 2024 | CVE

A vulnerability was found in OpenSight Software FlashFXP 5.4.0.3970. It has been classified as critical. Affected is an unknown function in the library libcrypto-1_1.dll of the file FlashFXP.exe. The manipulation leads to uncontrolled search path.

This vulnerability is traded as CVE-2024-10068. An attack has to be approached locally. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-10068 | OpenSight Software FlashFXP 5.4.0.3970 FlashFXP.exe uncontrolled search path

Related Posts

CVE-2024-32943 | Westermo L210-F2G Lynx 4.21.0 improper control of interaction frequency (icsa-24-172-03)

CVE-2023-7019 | LightStart Plugin up to 2.6.8 on WordPress authorization

CVE-2024-32697 | HelloAsso Plugin up to 1.1.5 on WordPress cross site scripting

CVE-2024-36179 | Adobe Experience Manager up to 6.5.20 cross site scripting (apsb24-28)