Back

CVE-2024-28269

April 30, 2024, 7:35 p.m.

Awaiting Analysis
CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

Products

ReCrystallize Server

  • 5.10.0.0

Source

cve@mitre.org

Tags

CVE-2024-28269 details

Published : April 30, 2024, 7:15 p.m.
Last Modified : April 30, 2024, 7:35 p.m.

Description

ReCrystallize Server 5.10.0.0 allows administrators to upload files to the server. The file upload is not restricted, leading to the ability to upload of malicious files. This could result in a Remote Code Execution.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://sensepost.com/blog/2024/from-discovery-to-disclosure-recrystallize-server-vulnerabilities/ cve@mitre.org
https://www.recrystallize.com/merchant/ReCrystallize-Server-for-Crysta cve@mitre.org
This website uses the NVD API, but is not approved or certified by it.