CVE-2024-2014

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Mar 21, 2024

Updated: May 17, 2024

CWE ID 89

Summary

CVE-2024-2014 is a newly disclosed critical vulnerability affecting Panabit Panalog 202103080942. The issue lies within the unknown code of the file /Maintain/sprog_upstatus.php, allowing an attacker to execute SQL injection through the manipulation of the argument id. This vulnerability can be exploited remotely, and the exploit has been made public. The identifier for this vulnerability is VDB-255268. Regrettably, the vendor has not responded to early disclosure efforts.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/us4bdS
https://www.cve.org/CVERecord?id=CVE-2024-2014
https://nvd.nist.gov/vuln/detail/CVE-2024-2014

Back to Vulnerability Database

CVE-2024-2014

CVSS 3.1 Score 7.3 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations