CVE-2024-44808

Name of the Vulnerable Software and Affected Versions Vypor Attack API System version 1.0

Description An issue in the Vypor Attack API System allows a remote attacker to execute arbitrary code via the user GET parameter. This enables the attacker to run any code, posing a significant security risk.

Recommendations For Vypor Attack API System version 1.0, consider restricting access to the API endpoint that accepts the user GET parameter until a patch is available. As a temporary workaround, avoid using the user parameter in the affected API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.