CVE-2024-6404 | MegaSys Computer Technologies Telenium Online Web Application up to 8.3 HTTP code injection (icsa-24-263-04)

Posted by Angelo Barbosa | Sep 19, 2024 | CVE

A vulnerability was found in MegaSys Computer Technologies Telenium Online Web Application up to 8.3 and classified as very critical. This issue affects some unknown processing of the component HTTP Handler. The manipulation leads to code injection.

The identification of this vulnerability is CVE-2024-6404. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-6404 | MegaSys Computer Technologies Telenium Online Web Application up to 8.3 HTTP code injection (icsa-24-263-04)

Related Posts

CVE-2024-7060 | GitLab Community Edition/Enterprise Edition up to 17.0.4/17.1.2/17.2.0 Resultant Export information disclosure (Issue 437894)

CVE-2024-32888 | aws amazon-redshift-jdbc-driver up to 2.1.0.27 sql injection (GHSA-x3wm-hffr-chwm)

CVE-2024-8158 | 9front lib9p authorization

CVE-2021-47097 | Linux Kernel up to 5.4.168/5.10.88/5.15.11 Input elantech_change_report_id param[] out-of-bounds