CVE-2024-1116

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 31, 2024

Updated: May 17, 2024

CWE ID 434

Summary

CVE-2024-1116 is a critical vulnerability affecting openBI up to version 1.0.8. The issue lies within the Upload.php file's index function, which allows for unrestricted uploads. An attacker can exploit this remotely, leading to potential security risks. The exploit for this vulnerability has been disclosed to the public, increasing the threat level. VDB-252474 is the assigned identifier for this security weakness.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uWaK6-
https://www.cve.org/CVERecord?id=CVE-2024-1116
https://nvd.nist.gov/vuln/detail/CVE-2024-1116

Back to Vulnerability Database

CVE-2024-1116

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations