- Description
- DreamMaker from Interinfo has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells.
- Source
- twcert@cert.org.tw
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- twcert@cert.org.tw
- CWE-434
- Hype score
- Not currently trending
CVE-2024-11979 (CVSS:9.8, CRITICAL) is Awaiting Analysis. DreamMaker from Interinfo has a Path Traversal vulnerability and does not restrict the types of uploaded files. This all..https://t.co/DkITgQkJct #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
4 Dec 2024
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-11979 DreamMaker from Interinfo has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload… https://t.co/C9QdPpdBhC
@CVEnew
29 Nov 2024
553 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-11979: CRITICAL] DreamMaker software from Interinfo has a Path Traversal vulnerability, enabling unauthorized remote attackers to upload malicious files and execute arbitrary code. #CyberSecurity#cybersecurity,#vulnerability https://t.co/TEPyJRhTou https://t.co/z69VBcTA
@CveFindCom
29 Nov 2024
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes