CVE-2024-0185

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jan 2, 2024

Updated: May 17, 2024

CWE ID 434

Summary

CVE-2024-0185 is a critical vulnerability affecting the RRJ Nueva Ecija Engineer Online Portal 1.0. The issue lies in the processing of the file "dasboard_teacher.php" in the Avatar Handler component. This flaw enables unrestricted upload, which can be exploited remotely. The exploit has been disclosed to the public, making it a potential threat for cyberattacks. Despite the vulnerability being rated as critical, specific details about the number of affected systems remain unknown.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

National Institute on Aging

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/t_XBde
https://www.cve.org/CVERecord?id=CVE-2024-0185
https://nvd.nist.gov/vuln/detail/CVE-2024-0185

Back to Vulnerability Database

CVE-2024-0185

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations