WEB WWBN AVideo submitIndex.php unauthenticated Remote Code Execution (CVE-2024-31819)

Rule ID

1234838

Severity

Critical

Description

An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component.

Impact

Remote command execution

Recommendation

Update vendor's patch.

IPS Category

Web threats

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

References

CVE-2024-31819

msf

T1059

Keywords

N/A

Date Created

2024/04/29

Last Updated

2024/05/30

This website uses cookies to ensure you get the best experience on our website.

Learn more