How severe is CVE-2024-7458?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2024-7458?

This is classified as CWE-27, which is a common weakness in software security.

CVE-2024-7458 - MEDIUM Severity | CVSS 9.8

Vulnerability Description

A vulnerability was found in elunez eladmin up to 2.7 and classified as critical. This issue affects some unknown processing of the file /api/deploy/upload /api/database/upload of the component Database Management/Deployment Management. The manipulation of the argument file leads to path traversal: 'dir/../../filename'. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273551.

Related Vulnerabilities

CVE-2024-24809

HIGH

CVSS:8.5(High)

Traccar is an open source GPS tracking system. Versions prior to 6.0 are vulnerable to path traversal and unrestricted upload of file with dangerous type. Since the system allows registration by defau...

CWE-272024

CVE-2024-21896

HIGH

CVSS:7.9(High)

The permission model protects itself against path traversal attacks by calling path.resolve() on any paths given by the user. If the path is to be treated as a Buffer, the implementation uses Buffer.f...

CWE-272024

CVE-2024-24809

HIGH

CVSS:8.5(High)

CWE-272024

CVE-2024-21896

HIGH

CVSS:7.9(High)

CWE-272024

CVE-2021-35027

HIGH

CVSS:7.5(High)

A directory traversal vulnerability in the web server of the Zyxel VPN2S firmware version 1.12 could allow a remote attacker to gain access to sensitive information.

CWE-272021

CVE-2024-20348

HIGH

CVSS:7.5(High)

A vulnerability in the Out-of-Band (OOB) Plug and Play (PnP) feature of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an unauthenticated, remote attacker to read arbitrary files. This vul...

CWE-272024