CVE-2024-45256 in BYOBinfo

Zusammenfassung

von MITRE • 26.08.2024

An arbitrary file write issue in the exfiltration endpoint in BYOB (Build Your Own Botnet) 2.0 allows attackers to overwrite SQLite databases and bypass authentication via an unauthenticated HTTP request with a crafted parameter. This occurs in file_add in api/files/routes.py.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

MITRE

Reservieren

25.08.2024

Veröffentlichung

26.08.2024

Moderieren

akzeptiert

Eintrag

VDB-275757

CPE

bereit

CWE

CWE-284 (bestätigt)

Exploit

Download

CVSS

9.8 (CNA)

EPSS

0.50868

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2024-45256
NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-45256
CVE Details	https://www.cvedetails.com/cve/CVE-2024-45256/

◂ Zurück Übersicht Weiter ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!