CVE-2024-32880
CVSS V2 None
CVSS V3 None
Description
pyload is an open-source Download Manager written in pure Python. An authenticated user can change the download folder and upload a crafted template to the specified folder lead to remote code execution. There is no fix available at the time of publication.
Overview
- CVE ID
- CVE-2024-32880
- Assigner
- GitHub_M
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-04-26T17:30:24.685Z
- Last Modified Date
- 2024-06-04T17:51:11.607Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://github.com/pyload/pyload/security/advisories/GHSA-3f7w-p8vr-4v5f | x_refsource_CONFIRM |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-32880 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32880 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-26 08:32:32 | Added to TrackCVE |