CVE-2024-0643

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 17, 2024

Updated: Jan 24, 2024

CWE ID 434

Summary

CVE-2024-0643 is a vulnerability affecting the C21 Live Encoder and Live Mosaic product, version 5.3. This issue permits remote attackers to upload files with dangerous file types without restriction. The consequence of this vulnerability is a full system compromise. Unchecked file uploads can lead to the execution of malicious code, potentially granting an attacker complete control over the system. This vulnerability poses a significant risk to organizations using this product and should be addressed promptly through an update or patch.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uLPK7d
https://www.cve.org/CVERecord?id=CVE-2024-0643
https://nvd.nist.gov/vuln/detail/CVE-2024-0643

Back to Vulnerability Database

CVE-2024-0643

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations