How severe is CVE-2024-6829?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.1 out of 10.

What type of vulnerability is CVE-2024-6829?

This is classified as CWE-73, which is a common weakness in software security.

CVE-2024-6829

CRITICAL Year: 2024

CVSS v3 Score

9.1

Critical

Weakness Type

CWE-73

View all →

Vulnerability Description

A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to exploit the `tarfile.extractall()` function to extract the contents of a maliciously crafted tarfile to arbitrary locations on the host server. The attacker can control `repo.path` and `run_hash` to bypass directory existence checks and extract files to unintended locations, potentially overwriting critical files. This can lead to arbitrary data being written to arbitrary locations on the remote tracking server, which could be used for further attacks such as writing a new SSH key to the target server.

CVE-2024-10834

CRITICAL

CVSS:9.1(Critical)

eosphoros-ai/db-gpt version 0.6.0 contains a vulnerability in the RAG-knowledge endpoint that allows for arbitrary file write. The issue arises from the ability to pass an absolute path to a call to `...

CWE-732024

CVE-2024-10902

CRITICAL

CVSS:9.1(Critical)

In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /v1/personal/agent/upload` is vulnerable to Arbitrary File Upload with Path Traversal. This vulnerability allows unauthorized attackers to uplo...

CWE-732024

CVE-2024-38657

CRITICAL

CVSS:9.1(Critical)

External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to write ...

CWE-732024

CVE-2025-2004

CRITICAL

CVSS:9.1(Critical)

The Simple WP Events plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wpe_delete_file AJAX action in all versions up to, and including, 1.8...

CWE-732025

CVE-2025-2409

HIGH

CVSS:9.1(Critical)

File corruption vulnerabilities in ASPECT provide attackers access to overwrite sys-tem files if session administrator credentials become compromised This issue affects ASPECT-Enterprise: through 3.08...

CWE-732025

CVE-2025-4603

CRITICAL

CVSS:9.1(Critical)

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_file() function in all versions up to, ...

CWE-732025

CVE-2024-6829

Vulnerability Description

Related Vulnerabilities

CVE-2024-10834

CVE-2024-10902

CVE-2024-38657

CVE-2025-2004

CVE-2025-2409

CVE-2025-4603