PT-2024-15493 · Deshang · Deshang Dso2O

Glzjin

Published

2024-01-09

Updated

2024-05-17

CVE-2024-0358

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions DeShang DSO2O versions up to 4.1.0

Description A critical issue has been found, affecting an unknown part of the file /install/install.php. This leads to improper access controls and can be initiated remotely. The exploit has been disclosed publicly.

Recommendations For DeShang DSO2O versions up to 4.1.0, consider restricting access to the /install/install.php file until a patch is available. As a temporary workaround, review and strengthen access controls to minimize the risk of exploitation.

Exploit

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

CVE-2024-0358

Affected Products

Deshang Dso2O

PT-2024-15493 · Deshang · Deshang Dso2O

CVE-2024-0358

Weakness Enumeration

Related Identifiers

Affected Products

References · 7