Common Weakness Enumeration

CWE-489

Allowed

Active Debug Code

Abstraction: Base · Status: Draft

The product is released with debugging code still enabled or active.

141 vulnerabilities reference this CWE, most recent first.

GHSA-5MXX-VM3F-3VGH

Vulnerability from github – Published: 2024-07-08 18:31 – Updated: 2025-11-04 18:31
VLAI
Details

Leftover debug code exists in the boa formSysCmd functionality of LevelOne WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623. A specially crafted network request can lead to arbitrary command execution.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-49593"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-489"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-08T16:15:05Z",
    "severity": "HIGH"
  },
  "details": "Leftover debug code exists in the boa formSysCmd functionality of LevelOne WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623. A specially crafted network request can lead to arbitrary command execution.",
  "id": "GHSA-5mxx-vm3f-3vgh",
  "modified": "2025-11-04T18:31:07Z",
  "published": "2024-07-08T18:31:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49593"
    },
    {
      "type": "WEB",
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1873"
    },
    {
      "type": "WEB",
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1873"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5Q7P-2366-VGCC

Vulnerability from github – Published: 2025-04-27 03:30 – Updated: 2025-04-27 03:30
VLAI
Details

NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress (not intended for use during flight), potentially leading to a keystream oracle.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-46674"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-489"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-27T01:15:44Z",
    "severity": "LOW"
  },
  "details": "NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress (not intended for use during flight), potentially leading to a keystream oracle.",
  "id": "GHSA-5q7p-2366-vgcc",
  "modified": "2025-04-27T03:30:22Z",
  "published": "2025-04-27T03:30:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46674"
    },
    {
      "type": "WEB",
      "url": "https://github.com/nasa/CryptoLib/pull/365"
    },
    {
      "type": "WEB",
      "url": "https://github.com/nasa/CryptoLib/compare/v1.3.1...v1.3.2"
    },
    {
      "type": "WEB",
      "url": "https://securitybynature.fr/post/hacking-cryptolib"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5VQR-4FRG-F9G2

Vulnerability from github – Published: 2023-06-08 21:30 – Updated: 2024-04-04 04:40
VLAI
Details

A debug feature in Sensormatic Electronics Illustra Pro Gen 4 Dome and PTZ cameras allows a user to compromise credentials after a long period of sustained attack.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-0954"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-489"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-06-08T21:15:16Z",
    "severity": "CRITICAL"
  },
  "details": "A debug feature in Sensormatic Electronics Illustra Pro Gen 4 Dome and PTZ cameras allows a user to compromise credentials after a long period of sustained attack.",
  "id": "GHSA-5vqr-4frg-f9g2",
  "modified": "2024-04-04T04:40:56Z",
  "published": "2023-06-08T21:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0954"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-159-02"
    },
    {
      "type": "WEB",
      "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6QW8-8CXV-PPJJ

Vulnerability from github – Published: 2022-10-25 19:00 – Updated: 2022-10-26 19:00
VLAI
Details

A denial of service vulnerability exists in the XCMD doDebug functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted XCMD can lead to denial of service. An attacker can send a malicious XML payload to trigger this vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-32760"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-489"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-10-25T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "A denial of service vulnerability exists in the XCMD doDebug functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted XCMD can lead to denial of service. An attacker can send a malicious XML payload to trigger this vulnerability.",
  "id": "GHSA-6qw8-8cxv-ppjj",
  "modified": "2022-10-26T19:00:39Z",
  "published": "2022-10-25T19:00:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32760"
    },
    {
      "type": "WEB",
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1555"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-77QV-4R48-J87R

Vulnerability from github – Published: 2022-04-15 00:00 – Updated: 2022-04-22 00:00
VLAI
Details

Active debug code in the B. Braun Melsungen AG SpaceCom Version L8/U61, and the Data module compactplus Versions A10 and A11 and earlier enables attackers in possession of cryptographic material to access the device as root.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-25156"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-489"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-04-14T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "Active debug code in the B. Braun Melsungen AG SpaceCom Version L8/U61, and the Data module compactplus Versions A10 and A11 and earlier enables attackers in possession of cryptographic material to access the device as root.",
  "id": "GHSA-77qv-4r48-j87r",
  "modified": "2022-04-22T00:00:48Z",
  "published": "2022-04-15T00:00:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25156"
    },
    {
      "type": "WEB",
      "url": "https://www.bbraun.com/en/products-and-therapies/services/b-braun-vulnerability-disclosure-policy/security-advisory.html"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-20-296-02"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7CWR-3892-8M78

Vulnerability from github – Published: 2025-07-22 12:30 – Updated: 2025-07-22 12:30
VLAI
Details

: Active Debug Code vulnerability in ABB Switch Actuator 4 DU-83330, ABB Switch actuator, door/light 4 DU -83330-500.This issue affects Switch Actuator 4 DU-83330: All Versions; Switch actuator, door/light 4 DU -83330-500: All Versions.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-7705"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-489"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-22T12:15:26Z",
    "severity": "HIGH"
  },
  "details": ": Active Debug Code vulnerability in ABB Switch Actuator 4 DU-83330, ABB Switch actuator, door/light 4 DU -83330-500.This issue affects Switch Actuator 4 DU-83330: All Versions; Switch actuator, door/light 4 DU -83330-500: All Versions.",
  "id": "GHSA-7cwr-3892-8m78",
  "modified": "2025-07-22T12:30:44Z",
  "published": "2025-07-22T12:30:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7705"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A4556\u0026LanguageCode=en\u0026DocumentPartId=pdf\u0026Action=Launch\u0026_gl=1*1sgofnl*_gcl_au*MjA0NTI4OTE1Mi4xNzUzMTgxNTA2*_ga*MTIxMTUxMzg5MS4xNzUzMTgxNTA3*_ga_46ZFBRSZNM*czE3NTMxODE1MDckbzEkZzEkdDE3NTMxODE2MDIkajYwJGwwJGgw"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-88WP-W57J-8X7M

Vulnerability from github – Published: 2025-02-11 12:30 – Updated: 2025-02-11 12:30
VLAI
Details

A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.90), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.90), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions < V9.90), SIPROTEC 5 6MD89 (CP300) (All versions < V9.90), SIPROTEC 5 6MU85 (CP300) (All versions < V9.90), SIPROTEC 5 7KE85 (CP200) (All versions), SIPROTEC 5 7KE85 (CP300) (All versions), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions < V9.90), SIPROTEC 5 7SA86 (CP200) (All versions), SIPROTEC 5 7SA86 (CP300) (All versions < V9.90), SIPROTEC 5 7SA87 (CP200) (All versions), SIPROTEC 5 7SA87 (CP300) (All versions < V9.90), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions < V9.90), SIPROTEC 5 7SD86 (CP200) (All versions), SIPROTEC 5 7SD86 (CP300) (All versions < V9.90), SIPROTEC 5 7SD87 (CP200) (All versions), SIPROTEC 5 7SD87 (CP300) (All versions < V9.90), SIPROTEC 5 7SJ81 (CP100) (All versions), SIPROTEC 5 7SJ81 (CP150) (All versions < V9.90), SIPROTEC 5 7SJ82 (CP100) (All versions), SIPROTEC 5 7SJ82 (CP150) (All versions < V9.90), SIPROTEC 5 7SJ85 (CP200) (All versions), SIPROTEC 5 7SJ85 (CP300) (All versions < V9.90), SIPROTEC 5 7SJ86 (CP200) (All versions), SIPROTEC 5 7SJ86 (CP300) (All versions < V9.90), SIPROTEC 5 7SK82 (CP100) (All versions), SIPROTEC 5 7SK82 (CP150) (All versions < V9.90), SIPROTEC 5 7SK85 (CP200) (All versions), SIPROTEC 5 7SK85 (CP300) (All versions < V9.90), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions < V9.90), SIPROTEC 5 7SL86 (CP200) (All versions), SIPROTEC 5 7SL86 (CP300) (All versions < V9.90), SIPROTEC 5 7SL87 (CP200) (All versions), SIPROTEC 5 7SL87 (CP300) (All versions < V9.90), SIPROTEC 5 7SS85 (CP200) (All versions), SIPROTEC 5 7SS85 (CP300) (All versions < V9.90), SIPROTEC 5 7ST85 (CP200) (All versions), SIPROTEC 5 7ST85 (CP300) (All versions), SIPROTEC 5 7ST86 (CP300) (All versions), SIPROTEC 5 7SX82 (CP150) (All versions < V9.90), SIPROTEC 5 7SX85 (CP300) (All versions < V9.90), SIPROTEC 5 7SY82 (CP150) (All versions < V9.90), SIPROTEC 5 7UM85 (CP300) (All versions < V9.90), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions < V9.90), SIPROTEC 5 7UT85 (CP200) (All versions), SIPROTEC 5 7UT85 (CP300) (All versions < V9.90), SIPROTEC 5 7UT86 (CP200) (All versions), SIPROTEC 5 7UT86 (CP300) (All versions < V9.90), SIPROTEC 5 7UT87 (CP200) (All versions), SIPROTEC 5 7UT87 (CP300) (All versions < V9.90), SIPROTEC 5 7VE85 (CP300) (All versions < V9.90), SIPROTEC 5 7VK87 (CP200) (All versions), SIPROTEC 5 7VK87 (CP300) (All versions < V9.90), SIPROTEC 5 7VU85 (CP300) (All versions < V9.90), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V9.90). Affected devices do not properly limit access to a development shell accessible over a physical interface. This could allow an unauthenticated attacker with physical access to the device to execute arbitrary commands on the device.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-53648"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-489"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-11T11:15:14Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions \u003c V9.90), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions \u003c V9.90), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions \u003c V9.90), SIPROTEC 5 6MD89 (CP300) (All versions \u003c V9.90), SIPROTEC 5 6MU85 (CP300) (All versions \u003c V9.90), SIPROTEC 5 7KE85 (CP200) (All versions), SIPROTEC 5 7KE85 (CP300) (All versions), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions \u003c V9.90), SIPROTEC 5 7SA86 (CP200) (All versions), SIPROTEC 5 7SA86 (CP300) (All versions \u003c V9.90), SIPROTEC 5 7SA87 (CP200) (All versions), SIPROTEC 5 7SA87 (CP300) (All versions \u003c V9.90), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions \u003c V9.90), SIPROTEC 5 7SD86 (CP200) (All versions), SIPROTEC 5 7SD86 (CP300) (All versions \u003c V9.90), SIPROTEC 5 7SD87 (CP200) (All versions), SIPROTEC 5 7SD87 (CP300) (All versions \u003c V9.90), SIPROTEC 5 7SJ81 (CP100) (All versions), SIPROTEC 5 7SJ81 (CP150) (All versions \u003c V9.90), SIPROTEC 5 7SJ82 (CP100) (All versions), SIPROTEC 5 7SJ82 (CP150) (All versions \u003c V9.90), SIPROTEC 5 7SJ85 (CP200) (All versions), SIPROTEC 5 7SJ85 (CP300) (All versions \u003c V9.90), SIPROTEC 5 7SJ86 (CP200) (All versions), SIPROTEC 5 7SJ86 (CP300) (All versions \u003c V9.90), SIPROTEC 5 7SK82 (CP100) (All versions), SIPROTEC 5 7SK82 (CP150) (All versions \u003c V9.90), SIPROTEC 5 7SK85 (CP200) (All versions), SIPROTEC 5 7SK85 (CP300) (All versions \u003c V9.90), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions \u003c V9.90), SIPROTEC 5 7SL86 (CP200) (All versions), SIPROTEC 5 7SL86 (CP300) (All versions \u003c V9.90), SIPROTEC 5 7SL87 (CP200) (All versions), SIPROTEC 5 7SL87 (CP300) (All versions \u003c V9.90), SIPROTEC 5 7SS85 (CP200) (All versions), SIPROTEC 5 7SS85 (CP300) (All versions \u003c V9.90), SIPROTEC 5 7ST85 (CP200) (All versions), SIPROTEC 5 7ST85 (CP300) (All versions), SIPROTEC 5 7ST86 (CP300) (All versions), SIPROTEC 5 7SX82 (CP150) (All versions \u003c V9.90), SIPROTEC 5 7SX85 (CP300) (All versions \u003c V9.90), SIPROTEC 5 7SY82 (CP150) (All versions \u003c V9.90), SIPROTEC 5 7UM85 (CP300) (All versions \u003c V9.90), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions \u003c V9.90), SIPROTEC 5 7UT85 (CP200) (All versions), SIPROTEC 5 7UT85 (CP300) (All versions \u003c V9.90), SIPROTEC 5 7UT86 (CP200) (All versions), SIPROTEC 5 7UT86 (CP300) (All versions \u003c V9.90), SIPROTEC 5 7UT87 (CP200) (All versions), SIPROTEC 5 7UT87 (CP300) (All versions \u003c V9.90), SIPROTEC 5 7VE85 (CP300) (All versions \u003c V9.90), SIPROTEC 5 7VK87 (CP200) (All versions), SIPROTEC 5 7VK87 (CP300) (All versions \u003c V9.90), SIPROTEC 5 7VU85 (CP300) (All versions \u003c V9.90), SIPROTEC 5 Compact 7SX800 (CP050) (All versions \u003c V9.90). Affected devices do not properly limit access to a development shell accessible over a physical interface. This could allow an unauthenticated attacker with physical access to the device to execute arbitrary commands on the device.",
  "id": "GHSA-88wp-w57j-8x7m",
  "modified": "2025-02-11T12:30:54Z",
  "published": "2025-02-11T12:30:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53648"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-687955.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-8WM5-MX8V-3JPF

Vulnerability from github – Published: 2024-04-24 06:30 – Updated: 2024-07-08 15:31
VLAI
Details

Active debug code vulnerability exists in RoamWiFi R10 prior to 4.8.45. If this vulnerability is exploited, a network-adjacent unauthenticated attacker with access to the device may perform unauthorized operations.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-31406"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-489"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-24T06:15:13Z",
    "severity": "HIGH"
  },
  "details": "Active debug code vulnerability exists in RoamWiFi R10 prior to 4.8.45. If this vulnerability is exploited, a network-adjacent unauthenticated attacker with access to the device may perform unauthorized operations.",
  "id": "GHSA-8wm5-mx8v-3jpf",
  "modified": "2024-07-08T15:31:54Z",
  "published": "2024-04-24T06:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31406"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/jp/JVN62737544"
    },
    {
      "type": "WEB",
      "url": "https://www.roamwifi.hk/product.jsp"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-92WX-PXCH-P9PX

Vulnerability from github – Published: 2026-04-09 00:31 – Updated: 2026-04-09 00:31
VLAI
Details

Unfurl through 2025.08 contains an improper input validation vulnerability in config parsing that enables Flask debug mode by default. The debug configuration value is read as a string and passed directly to app.run(), causing any non-empty string to evaluate truthy, allowing attackers to access the Werkzeug debugger and disclose sensitive information or achieve remote code execution.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-40035"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-489"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-08T22:16:24Z",
    "severity": "CRITICAL"
  },
  "details": "Unfurl through 2025.08 contains an improper input validation vulnerability in config parsing that enables Flask debug mode by default. The debug configuration value is read as a string and passed directly to app.run(), causing any non-empty string to evaluate truthy, allowing attackers to access the Werkzeug debugger and disclose sensitive information or achieve remote code execution.",
  "id": "GHSA-92wx-pxch-p9px",
  "modified": "2026-04-09T00:31:59Z",
  "published": "2026-04-09T00:31:59Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/obsidianforensics/unfurl/security/advisories/GHSA-vg9h-jx4v-cwx2"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40035"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/dfir-unfurl-werkzeug-debugger-exposure-via-string-config-parsing"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-9G66-W5HJ-VHX4

Vulnerability from github – Published: 2024-09-13 21:31 – Updated: 2024-09-16 18:31
VLAI
Details

In TBD of TBD, there is a possible LCS signing enforcement missing due to test/debugging code left in a production build. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-44092"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-489"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-13T21:15:10Z",
    "severity": "HIGH"
  },
  "details": "In TBD of TBD, there is a possible LCS signing enforcement missing  due to test/debugging code left in a production build. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.",
  "id": "GHSA-9g66-w5hj-vhx4",
  "modified": "2024-09-16T18:31:20Z",
  "published": "2024-09-13T21:31:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-44092"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/pixel/2024-09-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Build and Compilation Distribution

Remove debug code before deploying the application.

CAPEC-121: Exploit Non-Production Interfaces

An adversary exploits a sample, demonstration, test, or debug interface that is unintentionally enabled on a production system, with the goal of gleaning information or leveraging functionality that would otherwise be unavailable.

CAPEC-661: Root/Jailbreak Detection Evasion via Debugging

An adversary inserts a debugger into the program entry point of a mobile application to modify the application binary, with the goal of evading Root/Jailbreak detection. Mobile device users often Root/Jailbreak their devices in order to gain administrative control over the mobile operating system and/or to install third-party mobile applications that are not provided by authorized application stores (e.g. Google Play Store and Apple App Store). Rooting/Jailbreaking a mobile device also provides users with access to system debuggers and disassemblers, which can be leveraged to exploit applications by dumping the application's memory at runtime in order to remove or bypass signature verification methods. This further allows the adversary to evade Root/Jailbreak detection mechanisms, which can result in execution of administrative commands, obtaining confidential data, impersonating legitimate users of the application, and more.