CVE-2024-24621
CVSS V2 None
CVSS V3 None
Description
Softaculous Webuzo contains an authentication bypass vulnerability through the password reset functionality. Remote, anonymous attackers can exploit this vulnerability to gain full server access as the root user.
Overview
- CVE ID
- CVE-2024-24621
- Assigner
- XI
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-07-25T21:44:48.110Z
- Last Modified Date
- 2024-07-25T21:44:48.110Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://blog.exodusintel.com/2024/07/25/softaculous-webuzo-authentication-bypass/ | third-party-advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-24621 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24621 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-07-26 13:05:50 | Added to TrackCVE |