CVE-2024-46939

Published Nov 28, 2024

Last updated 3 months ago

Overview

Description: The game extension engine of versions 1.2.7.0 and earlier exposes some components, and attackers can construct parameters to perform path traversal attacks, which can overwrite local specific files
Source: security@vivo.com
NVD status: Received

Risk scores

CVSS 4.0

Type: Secondary
Base score: 2.4
Impact score: -
Exploitability score: -
Vector string: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:D/RE:X/U:X
Severity: LOW

Weaknesses

security@vivo.com: CWE-22

Hype score: Not currently trending

CVE-2024-46939 Path Traversal Vulnerability in Game Extension Engine Pre-1.2.7.0 The game extension engine version 1.2.7.0 and earlier has a vulnerability. It lets attackers create parameters for path traversal a... https://t.co/LEHhtjmhDa
@VulmonFeeds
28 Nov 2024
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

References