CVE-2024-24393

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Feb 8, 2024

Updated: Jun 7, 2024

CWE ID 434

Summary

CVE-2024-24393 is a file upload vulnerability affecting the index.php file in Pichome version 1.1.01. A remote attacker can exploit this issue by sending a crafted POST request, allowing them to execute arbitrary code. Successful exploitation could lead to serious consequences, including unauthorized system access or data theft. Users are strongly urged to update their Pichome installation as soon as possible to mitigate this risk. Failure to do so may leave systems vulnerable to attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uRoXJr
https://www.cve.org/CVERecord?id=CVE-2024-24393
https://nvd.nist.gov/vuln/detail/CVE-2024-24393

Back to Vulnerability Database

CVE-2024-24393

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations