CVE-2024-1651

CVSS 3.1 Score 10.0 of 10 (high)

Details

Published Feb 20, 2024

CWE ID 502

Summary

CVE-2024-1651 is a newly identified vulnerability affecting Torrentpier version 2.4.1. Malicious actors can exploit this issue to execute arbitrary commands on the server. The cause of this vulnerability is insecure deserialization, a common programming error that allows attackers to insert malicious data into a system and execute it with the privileges of the application. This can lead to serious consequences, including data theft, unauthorized access, and server compromise. Users are strongly urged to update to the latest version of Torrentpier to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/ulMVnI
https://www.cve.org/CVERecord?id=CVE-2024-1651
https://nvd.nist.gov/vuln/detail/CVE-2024-1651

Back to Vulnerability Database

CVE-2024-1651

CVSS 3.1 Score 10.0 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations