CVE-2024-11485

Summary

CVE-2024-11485 is a critical vulnerability affecting the Code4Berry Decoration Management System 1.0. This issue pertains to a previously unknown functionality within the file /decoration/admin/userregister.php, specifically within the User Handler component. Successful exploitation of this vulnerability results in permission issues, potentially allowing remote attackers to gain unauthorized access. The exploit for this vulnerability has been publicly disclosed, increasing the risk for potential attacks. Despite early notification from security researchers, the vendor has yet to respond or issue a patch.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.