CVE-2024-36427

May 29, 2024, 7:50 p.m.

Tags

cve@mitre.org
2024-05-29
CVE-2024-36427

Product(s) Impacted

TARGIT Decision Suite

  • 23.2.15007

Description

The file-serving function in TARGIT Decision Suite 23.2.15007 allows authenticated attackers to read or write to server files via a crafted file request. This can allow code execution via a .xview file.

Weaknesses

Date

Published: May 29, 2024, 4:15 p.m.

Last Modified: May 29, 2024, 7:50 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

https://github.com/DMCERTCE/DecisionSuite_Path_Traversal_SSRF
cve@mitre.org