PT-2025-5992 · Dataease · Dataease

Published: 2025-02-07 · Updated: 2025-03-28 · CVE-2024-57707

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: DataEase version 1

Description: An issue in DataEase allows an attacker to execute arbitrary code via the user account and password components, specifically through the username and password variables. No estimate of the number of potentially affected devices worldwide is given, and there are no details about real-world incidents in which this issue was exploited.

Recommendations: For DataEase version 1, as a temporary workaround, consider restricting access to the user account and password components until a patch is available. Avoid using the username and password variables in sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Code Injection

Weakness Enumeration

Related Identifiers

CVE-2024-57707

Affected Products

Dataease