CVE-2024-37769

Name of the Vulnerable Software and Affected Versions 14Finger version 1.1

Description Insecure permissions in the software allow attackers to escalate privileges from a normal user to Administrator via a crafted POST request. This issue can be exploited by sending a manipulated POST request to gain elevated access.

Recommendations For version 1.1, consider restricting access to the software until a patch is available, and avoid using the software for sensitive operations. As a temporary workaround, restrict the privileges of the user account used to run the software to minimize the risk of exploitation.