PT-2024-37934 · Unknown · Soap Cgi.Pyc
Jaggar Henry
·
Published
2024-08-07
·
Updated
2026-04-14
·
CVE-2024-6893
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
soap cgi.pyc (affected versions not specified)
Description
The issue allows an unauthenticated attacker to read local files, perform server-side request forgery, and overwhelm the web server resources by including references to external entities in the XML body of SOAP requests to the "soap cgi.pyc" API handler.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
XXE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Soap Cgi.Pyc