CVE-2024-22638

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 25, 2024

Updated: Apr 23, 2024

Summary

CVE-2024-22638 is a newly disclosed remote code execution (RCE) vulnerability affecting liveSite v2019.1. Hackers can exploit this flaw by targeting the /livesite/edit_designer_region.php or /livesite/add_email_campaign.php components. Successful exploitation grants attackers the ability to execute arbitrary code on the affected system, potentially leading to serious data breaches or unauthorized system access. Users are strongly encouraged to update to a patched version of liveSite as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

LiveSite

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uGxwr5
https://www.cve.org/CVERecord?id=CVE-2024-22638
https://nvd.nist.gov/vuln/detail/CVE-2024-22638

Back to Vulnerability Database

CVE-2024-22638

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations