PT-2024-31904 · Unknown · Scriptcase
Published
2024-10-01
·
Updated
2024-10-04
·
CVE-2024-46084
CVSS v3.1
8.0
High
| Vector | AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Scriptcase versions 9.10.023 and earlier
Description
The issue is a Remote Code Execution (RCE) vulnerability via the
nm unzip function. This allows for remote code execution, potentially leading to unauthorized access and control of the system.Recommendations
For Scriptcase versions 9.10.023 and earlier, as a temporary workaround, consider disabling the
nm unzip function until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Scriptcase