CVE-2024-5732

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jun 7, 2024

Updated: Jun 11, 2024

CWE ID 287

Summary

CVE-2024-5732 is a critical vulnerability affecting Clash version 0.20.1 on Windows. The issue lies within the Proxy Port component, which is subject to improper authentication. An attacker can exploit this remotely, taking advantage of unknown code and gaining unauthorized access. The exploit has already been disclosed to the public, increasing the risk for potential attacks. It is strongly advised to update the configuration settings to mitigate this vulnerability, and VDB-267406 has been assigned as its identifier.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Clash

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/wVLvQG
https://www.cve.org/CVERecord?id=CVE-2024-5732
https://nvd.nist.gov/vuln/detail/CVE-2024-5732

Back to Vulnerability Database

CVE-2024-5732

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations