Today > 6 Critical | 25 High | 23 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-11839

Dec. 13, 2024, 6:15 a.m.

Product(s) Impacted

PlexTrac

  • 1.61.3 - 2.8.1

Description

Deserialization of Untrusted Data vulnerability in PlexTrac (Runbooks modules) which allows Object Injection and arbitrary file writes.This issue affects PlexTrac: from 1.61.3 before 2.8.1.

Weaknesses

CWE-502
Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

CWE ID: 502

Date

Published: Dec. 13, 2024, 6:15 a.m.

Last Modified: Dec. 13, 2024, 6:15 a.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

5fea7123-217b-4b2d-ada8-8892719b43cd

References

https://docs.plextrac.com/ 5fea7123-217b-4b2d-ada8-8892719b43cd