CVE-2024-47210 | Gladys Assistant up to 4.45.0 user.controller.js updateMySelf Privilege Escalation

Posted by Angelo Barbosa | Sep 22, 2024 | CVE

A vulnerability, which was classified as problematic, was found in Gladys Assistant up to 4.45.0. Affected is the function updateMySelf of the file server/api/controllers/user.controller.js. The manipulation leads to Privilege Escalation.

This vulnerability is traded as CVE-2024-47210. Access to the local network is required for this attack to succeed. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-47210 | Gladys Assistant up to 4.45.0 user.controller.js updateMySelf Privilege Escalation

Related Posts

CVE-2023-5594 | ESET NOD32 Antivirus prior 1464 certificate validation

CVE-2024-28811 | Infinera hiT 7300 5.60.50 HTTP Invocation Privilege Escalation

CVE-2024-8212 | D-Link DNS-1550-04 up to 20240814 /cgi-bin/hd_config.cgi cgi_FMT_R12R5_2nd_DiskMGR f_source_dev command injection (SAP10383)

CVE-2023-51467 | Apache OFBiz up to 18.12.10 improper authentication