PT-2024-39150 · Unknown · Netcat Cms
Evgeny Velikoivanenko · Published 2024-09-19 · Updated 2024-09-23 · CVE-2024-8651
CVSS v4.0: 6.9 (Medium)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions:
NetCat CMS versions 6.4.0.24126.2 through 6.4.0.24247
Description:
A vulnerability in NetCat CMS allows an attacker to send a specially crafted HTTP request to check whether a user exists in the system. This issue could be a basis for further attacks. The estimated number of potentially affected devices is not specified. There is no information about real-world incidents where this issue was exploited.
Recommendations:
For NetCat CMS versions 6.4.0.24126.2 through 6.4.0.24247, apply the patch from the vendor. Versions 6.4.0.24248 and later have the patch applied. As a temporary workaround, consider restricting access to the HTTP request functionality until the patch is applied.
Fix
Side Channel Attack
Related Identifiers
Affected Products
Netcat Cms