CVE-2024-48069

EUVD-2024-43167
A vulnerability was found in Weaver E-cology allows attackers use race conditions to bypass security mechanisms to upload malicious files and control server privileges
Race Condition
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
Affected Products (NVD)
VendorProductVersion
weavere-cology
9.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://gist.github.com/CoinIsMoney/5dd555805e8f974630ced8a1df8182f1
https://github.com/stuven1989/TemporaryGuild/blob/main/guild2.md