Overview
- Description
- Webopac from Grand Vice info does not properly validate uploaded file types, allowing unauthenticated remote attackers to upload and execute webshells, which could lead to arbitrary code execution on the server.
- Source
- twcert@cert.org.tw
- NVD status
- Undergoing Analysis
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Weaknesses
- twcert@cert.org.tw
- CWE-434
Social media
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
🚨 CVE-2024-11018 (Published: 2024-11-11) - A critical vulnerability in Grand Vice Info affects multiple versions. Ensure your systems are updated to the latest patches to mitigate risks. For detailed remediation steps, visit: https://t.co/8lJqszla23 #CyberSecurity #CVE
@transilienceai
15 Nov 2024
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-11018 Webopac from Grand Vice info does not properly validate uploaded file types, allowing unauthenticated remote attackers to upload and execute webshells, which could le… https://t.co/W6i5gKXcfB
@CVEnew
11 Nov 2024
465 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-11018: CRITICAL] Grand Vice info's Webopac lacks proper file type validation, enabling attackers to upload and execute webshells remotely, potentially leading to server compromise. #cybersecurity#cybersecurity,#vulnerability https://t.co/cwk8lcsDnS https://t.co/m7w46N1H
@CveFindCom
11 Nov 2024
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes