CVE-2024-24623

Softaculous Webuzo contains a command injection vulnerability in the FTP management functionality. A remote, authenticated attacker can exploit this vulnerability to gain code execution on the system.
Configurations

Configuration 1 (hide)

cpe:2.3:a:softaculous:webuzo:*:*:*:*:*:*:*:*

History

30 Jul 2024, 15:35

Type Values Removed Values Added
CPE cpe:2.3:a:softaculous:webuzo:*:*:*:*:*:*:*:*
References () https://blog.exodusintel.com/2024/07/25/softaculous-webuzo-ftp-management-command-injection/ - () https://blog.exodusintel.com/2024/07/25/softaculous-webuzo-ftp-management-command-injection/ - Third Party Advisory
First Time Softaculous
Softaculous webuzo

26 Jul 2024, 12:38

Type Values Removed Values Added
Summary
  • (es) Softaculous Webuzo contiene una vulnerabilidad de inyección de comandos en la funcionalidad de administración de FTP. Un atacante remoto y autenticado puede aprovechar esta vulnerabilidad para obtener la ejecución de código en el sistema.

25 Jul 2024, 22:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-25 22:15

Updated : 2024-08-02 00:15


NVD link : CVE-2024-24623

Mitre link : CVE-2024-24623

CVE.ORG link : CVE-2024-24623


JSON object : View

Products Affected

softaculous

  • webuzo
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')