PT-2024-33240 · Unknown · Automatic Systems Maintenance Slimlane
Published: 2024-10-14 · Updated: 2024-10-19 · CVE-2024-48822
CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Automatic Systems Maintenance SlimLane version 29565 d74ecce0c1081d50546db573a499941b10799fb7
Description
The issue allows a remote attacker to escalate privileges via the FtpConfig.php page. This can grant unauthorized access, potentially leading to system takeover.
Recommendations
For version 29565 d74ecce0c1081d50546db573a499941b10799fb7, patch immediately to prevent system takeover. As a temporary workaround, consider restricting access to the FtpConfig.php page until a patch is available.
Fix
Incorrect Default Permissions
Weakness Enumeration
Related Identifiers
Affected Products
Automatic Systems Maintenance Slimlane