- Description
- A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. This vulnerability affects the function deleteFile of the file /sys/common/import.do?method=deleteFile of the component API Interface. The manipulation of the argument folder leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
- Source
- cna@vuldb.com
- NVD status
- Analyzed
CVSS 4.0
- Type
- Secondary
- Base score
- 5.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 4.3
- Impact score
- 1.4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Secondary
- Base score
- 5.5
- Impact score
- 4.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:N/I:P/A:P
- cna@vuldb.com
- CWE-22
- Hype score
- Not currently trending
🔒 CVE-2024-11239 (Published: 2024-11-15) - A high-severity vulnerability in CoinlsMoney affects multiple versions. Users are urged to update to the latest release to mitigate risks. For detailed remediation steps, check the guide here: https://t.co/sWj5q8uxqp #CyberSecurity… htt
@transilienceai
17 Nov 2024
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-11239 (Published: 11/15/2024) - A critical vulnerability in Landray nan affects multiple versions. Users are urged to update to the latest patch immediately to mitigate risks. For detailed remediation steps, check the guide here: https://t.co/sWj5q8uxqp #CyberSecurity
@transilienceai
17 Nov 2024
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-11239 Critical Path Traversal Vulnerability in Landray EKP Up to 16.0 A critical vulnerability exists in Landray EKP up to version 16.0. This issue affects the deleteFile function in the file /sys/common... https://t.co/AmUVadZdlq
@VulmonFeeds
15 Nov 2024
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-11239 A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. This vulnerability affects the function deleteFile of the file /sys/common/import… https://t.co/QNTXE30XmA
@CVEnew
15 Nov 2024
302 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:landray:landray_ekp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FBA90B1A-4F23-4F35-A470-6AA73B36019D",
"versionEndIncluding": "16.0"
}
],
"operator": "OR"
}
]
}
]