Common Weakness Enumeration
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Back to CWE stats page
CWE-288
Authentication Bypass Using an Alternate Path or Channel
The product requires authentication, but the product has an alternate path or channel that does not require authentication.
CVE-2024-47406 (GCVE-0-2024-47406)
Vulnerability from cvelistv5 – Published: 2024-10-25 06:18 – Updated: 2024-10-25 18:38
VLAI
Summary
Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an authentication bypass vulnerability.
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
Impacted products
28 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sharp Corporation | Sharp Digital Full-color MFPs and Monochrome MFPs |
Affected:
see the information provided by Sharp Corporation
|
|
| Toshiba Tec Corporation | e-STUDIO 908 |
Affected:
T2.12.h3.00 and earlier versions
|
|
| Toshiba Tec Corporation | e-STUDIO 1058 |
Affected:
T1.01.h4.00 and earlier versions
|
|
| Toshiba Tec Corporation | e-STUDIO 1208 |
Affected:
T1.01.h4.00 and earlier versions
|
|
| sharp | bp-90c80_firmware |
Affected:
0 , ≤ 210
(custom)
cpe:2.3:o:sharp:bp-90c70_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-90c80_firmware:*:*:*:*:*:*:*:* |
|
| sharp | bp-70c65_firmware |
Affected:
0 , ≤ 320
(custom)
cpe:2.3:o:sharp:bp-50c26_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50c31_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50c36_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50c45_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50c55_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50c65_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-55c26_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-60c31_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-60c36_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-60c45_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70c31_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70c36_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70c45_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70c55_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70c65_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-8081_firmware |
Affected:
0 , ≤ 160
(custom)
cpe:2.3:o:sharp:mx-7081_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-8081_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-b476wh_firmware |
Affected:
0 , ≤ 413
(custom)
cpe:2.3:o:sharp:mx-b356w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b356wh_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b376w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b376wh_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b456w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b456wh_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b476w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b476wh_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-m905_firmware |
Affected:
0 , ≤ 612
(custom)
cpe:2.3:o:sharp:mx-m905_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-6071s_firmware |
Affected:
0 , ≤ 613
(custom)
cpe:2.3:o:sharp:mx-2651_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3061_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3061s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3071s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3551_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3561_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3561s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3571_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3571s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4061_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4061s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4071s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-5051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-5071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-5071s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6071s_firmware:-:*:*:*:*:*:*:* |
|
| sharp | bp-30c25_firmware |
Affected:
0 , ≤ 130
(custom)
cpe:2.3:o:sharp:bp-30c25t_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30c25y_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30c25z_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30c25_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-7580n_firmware |
Affected:
0 , ≤ 503
(custom)
cpe:2.3:o:sharp:mx-6580n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-7580n_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-8090n_firmware |
Affected:
0 , ≤ 405
(custom)
cpe:2.3:o:sharp:mx-7090n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-8090n_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-6070v_firmware |
Affected:
0 , ≤ 802
(custom)
cpe:2.3:o:sharp:mx-2630n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3050n_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3050n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3050v_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3050v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3550n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3550v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4050n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4050v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-5050n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-5050v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6050n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6050v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3060n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3060v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3070n_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3070n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3070v_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3070v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3560n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3560v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3570n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3570v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4060n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4060v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4070n_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4070n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4070v_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4070v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-5070n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-5070v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6070n_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6070n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6070v_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6070v_firmware:-:*:*:*:*:*:*:* |
|
| sharp | bp-c545wd_firmware |
Affected:
0 , ≤ 262
(custom)
cpe:2.3:o:sharp:bp-c533wd_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-c533wr_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-c535wd_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-c535wr_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-c542wd_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-c545wd_firmware:*:*:*:*:*:*:*:* |
|
| sharp | mx-c304wh_firmware |
Affected:
0 , ≤ 520
(custom)
cpe:2.3:o:sharp:mx-c303_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-c303w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-c303wh_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-c304_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-c304w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-c304wh_firmware:-:*:*:*:*:*:*:* |
|
| sharp | bp-70m90_firmware |
Affected:
0 , ≤ 310
(custom)
cpe:2.3:o:sharp:bp-70m75_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70m90_firmware:-:*:*:*:*:*:*:* |
|
| sharp | bp-70m65_firmware |
Affected:
0 , ≤ 320
(custom)
cpe:2.3:o:sharp:bp-50m26_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50m31_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50m36_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50m45_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50m50_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50m55_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70m31_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70m36_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70m45_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70m55_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70m65_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-m1206_firmware |
Affected:
0 , ≤ 200
(custom)
cpe:2.3:o:sharp:mx-m1056_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m1206_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-m7570_firmware |
Affected:
0 , ≤ 456
(custom)
cpe:2.3:o:sharp:mx-m6570_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m7570_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-m6071s_firmware |
Affected:
0 , ≤ 413
(custom)
cpe:2.3:o:sharp:mx-m5051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m4051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m2651_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3071s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3551_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3571_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3571s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m4071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m4071s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m5071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m5071s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m6051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m6071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m6071s_firmware:-:*:*:*:*:*:*:* |
|
| sharp | bp-30m35t_firmware |
Affected:
0 , ≤ 220
(custom)
cpe:2.3:o:sharp:bp-30m28_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30m28t_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30m31_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30m31t_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30m35_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30m35t_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-m6070_firmware |
Affected:
0 , ≤ 503
(custom)
cpe:2.3:o:sharp:mx-m3550_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m2630_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m2630_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3050_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3050_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3070_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3070_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3570_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m4050_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m4070_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m4070_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m5050_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m5070_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m6050_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m6070_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m6070_firmware:-:*:*:*:*:*:*:* |
|
| sharp | bp-b550wd_firmware |
Affected:
0 , ≤ 260
(custom)
cpe:2.3:o:sharp:bp-b537wr_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-b540wr_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-b547wd_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-b550wd_firmware:*:*:*:*:*:*:*:* |
|
| sharp | mx-b455wz_firmware |
Affected:
0 , ≤ 404
(custom)
cpe:2.3:o:sharp:mx-b355w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b355wt_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b355wz_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b455w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b455wt_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b455wz_firmware:-:*:*:*:*:*:*:* |
|
| toshibatec | e-studio-908_firmware |
Affected:
0 , ≤ t2.12.h3.00
(custom)
cpe:2.3:o:toshibatec:e-studio-908_firmware:*:*:*:*:*:*:*:* |
|
| toshibatec | e-studio-1058_firmware |
Affected:
0 , ≤ t1.01.h4.00
(custom)
cpe:2.3:o:toshibatec:e-studio-1058_firmware:*:*:*:*:*:*:*:* |
|
| toshibatec | e-studio-1208_firmware |
Affected:
0 , ≤ t1.01.h4.00
(custom)
cpe:2.3:o:toshibatec:e-studio-1208_firmware:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:sharp:bp-90c70_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-90c80_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-90c80_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "210",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:bp-50c26_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50c31_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50c36_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50c45_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50c55_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50c65_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-55c26_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-60c31_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-60c36_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-60c45_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70c31_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70c36_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70c45_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70c55_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70c65_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-70c65_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "320",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-7081_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-8081_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-8081_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "160",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-b356w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b356wh_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b376w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b376wh_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b456w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b456wh_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b476w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b476wh_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-b476wh_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "413",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-m905_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-m905_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "612",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-2651_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3061_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3061s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3071s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3551_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3561_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3561s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3571_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3571s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4061_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4061s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4071s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-5051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-5071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-5071s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6071s_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-6071s_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "613",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:bp-30c25t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30c25y_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30c25z_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30c25_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-30c25_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "130",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-6580n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-7580n_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-7580n_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "503",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-7090n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-8090n_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-8090n_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "405",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-2630n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3050n_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3050n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3050v_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3050v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3550n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3550v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4050n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4050v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-5050n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-5050v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6050n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6050v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3060n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3060v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3070n_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3070n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3070v_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3070v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3560n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3560v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3570n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3570v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4060n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4060v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4070n_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4070n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4070v_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4070v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-5070n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-5070v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6070n_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6070n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6070v_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6070v_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-6070v_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "802",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:bp-c533wd_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-c533wr_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-c535wd_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-c535wr_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-c542wd_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-c545wd_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-c545wd_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "262",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-c303_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-c303w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-c303wh_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-c304_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-c304w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-c304wh_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-c304wh_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "520",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:bp-70m75_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70m90_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-70m90_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "310",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:bp-50m26_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50m31_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50m36_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50m45_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50m50_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50m55_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70m31_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70m36_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70m45_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70m55_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70m65_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-70m65_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "320",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-m1056_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m1206_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-m1206_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "200",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-m6570_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m7570_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-m7570_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "456",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-m5051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m4051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m2651_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3071s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3551_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3571_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3571s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m4071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m4071s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m5071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m5071s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m6051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m6071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m6071s_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-m6071s_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "413",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:bp-30m28_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30m28t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30m31_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30m31t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30m35_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30m35t_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-30m35t_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "220",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-m3550_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m2630_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m2630_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3050_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3070_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3070_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3570_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m4050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m4070_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m4070_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m5050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m5070_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m6050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m6070_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m6070_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-m6070_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "503",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:bp-b537wr_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-b540wr_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-b547wd_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-b550wd_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-b550wd_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "260",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-b355w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b355wt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b355wz_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b455w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b455wt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b455wz_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-b455wz_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "404",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:toshibatec:e-studio-908_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-908_firmware",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "t2.12.h3.00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:toshibatec:e-studio-1058_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-1058_firmware",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "t1.01.h4.00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:toshibatec:e-studio-1208_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-1208_firmware",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "t1.01.h4.00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47406",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-25T18:33:07.833042Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T18:38:24.503Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Sharp Digital Full-color MFPs and Monochrome MFPs",
"vendor": "Sharp Corporation",
"versions": [
{
"status": "affected",
"version": "see the information provided by Sharp Corporation"
}
]
},
{
"product": "e-STUDIO 908",
"vendor": "Toshiba Tec Corporation",
"versions": [
{
"status": "affected",
"version": "T2.12.h3.00 and earlier versions"
}
]
},
{
"product": "e-STUDIO 1058",
"vendor": "Toshiba Tec Corporation",
"versions": [
{
"status": "affected",
"version": "T1.01.h4.00 and earlier versions"
}
]
},
{
"product": "e-STUDIO 1208",
"vendor": "Toshiba Tec Corporation",
"versions": [
{
"status": "affected",
"version": "T1.01.h4.00 and earlier versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an authentication bypass vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T09:02:10.791Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU95063136/"
},
{
"url": "https://global.sharp/products/copier/info/info_security_2024-10.html"
},
{
"url": "https://www.toshibatec.com/information/20241025_01.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2024-47406",
"datePublished": "2024-10-25T06:18:36.274Z",
"dateReserved": "2024-10-16T05:26:40.226Z",
"dateUpdated": "2024-10-25T18:38:24.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47574 (GCVE-0-2024-47574)
Vulnerability from cvelistv5 – Published: 2024-11-13 11:15 – Updated: 2024-11-13 14:43
VLAI
Summary
A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0, and 6.4.10 through 6.4.0 allows low privilege attacker to execute arbitrary code with high privilege via spoofed named pipe messages.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-288 - Improper access control
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiClientWindows |
Affected:
7.4.0
Affected: 7.2.0 , ≤ 7.2.4 (semver) Affected: 7.0.0 , ≤ 7.0.12 (semver) Affected: 6.4.0 , ≤ 6.4.10 (semver) |
|
| fortinet | forticlientwindows |
Affected:
7.4.0
Affected: 7.2.0 , ≤ 7.2.4 (semver) Affected: 7.0.0 , ≤ 7.0.12 (semver) Affected: 6.4.0 , ≤ 6.4.10 (semver) cpe:2.3:a:fortinet:forticlientwindows:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:forticlientwindows:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "forticlientwindows",
"vendor": "fortinet",
"versions": [
{
"status": "affected",
"version": "7.4.0"
},
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.12",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.10",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47574",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T14:40:12.257561Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T14:43:08.240Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [],
"defaultStatus": "unaffected",
"product": "FortiClientWindows",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.4.0"
},
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.12",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.10",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0, and 6.4.10 through 6.4.0 allows low privilege attacker to execute arbitrary code with high privilege via spoofed named pipe messages."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T11:15:04.046Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-199",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-199"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiClientWindows version 7.4.1 or above \nPlease upgrade to FortiClientWindows version 7.2.5 or above \nPlease upgrade to FortiClientWindows version 7.0.13 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-47574",
"datePublished": "2024-11-13T11:15:04.046Z",
"dateReserved": "2024-09-27T16:19:24.136Z",
"dateUpdated": "2024-11-13T14:43:08.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-49247 (GCVE-0-2024-49247)
Vulnerability from cvelistv5 – Published: 2024-10-16 12:31 – Updated: 2026-04-29 09:51
VLAI
Title
WordPress BuddyPress Better Registration plugin <= 1.6 - Broken Authentication vulnerability
Summary
Authentication Bypass Using an Alternate Path or Channel vulnerability in SK BuddyPress Better Registration better-bp-registration allows Authentication Bypass.This issue affects BuddyPress Better Registration: from n/a through <= 1.6.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| SK | BuddyPress Better Registration |
Affected:
0 , ≤ 1.6
(custom)
|
|
| oc2ps | better-bp-registration |
Affected:
0 , ≤ 1.6
(custom)
cpe:2.3:a:oc2ps:better-bp-registration:*:*:*:*:*:*:*:* |
Date Public
2026-04-01 16:28
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:oc2ps:better-bp-registration:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "better-bp-registration",
"vendor": "oc2ps",
"versions": [
{
"lessThanOrEqual": "1.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49247",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-16T15:21:12.781946Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-16T15:26:17.081Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "better-bp-registration",
"product": "BuddyPress Better Registration",
"vendor": "SK",
"versions": [
{
"lessThanOrEqual": "1.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "stealthcopter | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:28:02.277Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in SK BuddyPress Better Registration better-bp-registration allows Authentication Bypass.\u003cp\u003eThis issue affects BuddyPress Better Registration: from n/a through \u003c= 1.6.\u003c/p\u003e"
}
],
"value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in SK BuddyPress Better Registration better-bp-registration allows Authentication Bypass.This issue affects BuddyPress Better Registration: from n/a through \u003c= 1.6."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-29T09:51:53.348Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/better-bp-registration/vulnerability/wordpress-buddypress-better-registration-plugin-1-6-broken-authentication-vulnerability?_s_id=cve"
}
],
"title": "WordPress BuddyPress Better Registration plugin \u003c= 1.6 - Broken Authentication vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-49247",
"datePublished": "2024-10-16T12:31:02.405Z",
"dateReserved": "2024-10-14T10:39:26.354Z",
"dateUpdated": "2026-04-29T09:51:53.348Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-49328 (GCVE-0-2024-49328)
Vulnerability from cvelistv5 – Published: 2024-10-20 07:58 – Updated: 2026-04-28 16:10
VLAI
Title
WordPress WP REST API FNS Plugin plugin <= 1.0.0 - Account Takeover vulnerability
Summary
Authentication Bypass Using an Alternate Path or Channel vulnerability in vivek2tamrakar WP REST API FNS rest-api-fns allows Authentication Bypass.This issue affects WP REST API FNS: from n/a through <= 1.0.0.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| vivek2tamrakar | WP REST API FNS |
Affected:
0 , ≤ 1.0.0
(custom)
|
|
| vivek_tamrakar | wp_rest_api_fns |
Affected:
0 , ≤ 1.0.0
(custom)
cpe:2.3:a:vivek_tamrakar:wp_rest_api_fns:*:*:*:*:*:*:*:* |
Date Public
2026-04-01 16:28
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:vivek_tamrakar:wp_rest_api_fns:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_rest_api_fns",
"vendor": "vivek_tamrakar",
"versions": [
{
"lessThanOrEqual": "1.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49328",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-21T16:09:40.194461Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-21T16:10:18.608Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "rest-api-fns",
"product": "WP REST API FNS",
"vendor": "vivek2tamrakar",
"versions": [
{
"lessThanOrEqual": "1.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "stealthcopter | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:28:14.472Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in vivek2tamrakar WP REST API FNS rest-api-fns allows Authentication Bypass.\u003cp\u003eThis issue affects WP REST API FNS: from n/a through \u003c= 1.0.0.\u003c/p\u003e"
}
],
"value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in vivek2tamrakar WP REST API FNS rest-api-fns allows Authentication Bypass.This issue affects WP REST API FNS: from n/a through \u003c= 1.0.0."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:10:25.369Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/rest-api-fns/vulnerability/wordpress-wp-rest-api-fns-plugin-plugin-1-0-0-account-takeover-vulnerability?_s_id=cve"
}
],
"title": "WordPress WP REST API FNS Plugin plugin \u003c= 1.0.0 - Account Takeover vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-49328",
"datePublished": "2024-10-20T07:58:15.308Z",
"dateReserved": "2024-10-14T10:40:38.484Z",
"dateUpdated": "2026-04-28T16:10:25.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-49604 (GCVE-0-2024-49604)
Vulnerability from cvelistv5 – Published: 2024-10-20 07:56 – Updated: 2026-04-28 16:10
VLAI
Title
WordPress Simple User Registration plugin <= 6.7 - Broken Authentication vulnerability
Summary
Authentication Bypass Using an Alternate Path or Channel vulnerability in N-Media Simple User Registration wp-registration allows Authentication Bypass.This issue affects Simple User Registration: from n/a through <= 6.7.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| N-Media | Simple User Registration |
Affected:
0 , ≤ 6.7
(custom)
|
|
| najeeb_ahmad | simple_user_registration |
Affected:
0 , ≤ 5.5
(custom)
cpe:2.3:a:najeeb_ahmad:simple_user_registration:*:*:*:*:*:*:*:* |
Date Public
2026-04-01 16:28
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:najeeb_ahmad:simple_user_registration:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simple_user_registration",
"vendor": "najeeb_ahmad",
"versions": [
{
"lessThanOrEqual": "5.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49604",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-21T16:10:36.387594Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-21T16:11:38.694Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-registration",
"product": "Simple User Registration",
"vendor": "N-Media",
"versions": [
{
"changes": [
{
"at": "6.8",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "stealthcopter | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:28:16.563Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in N-Media Simple User Registration wp-registration allows Authentication Bypass.\u003cp\u003eThis issue affects Simple User Registration: from n/a through \u003c= 6.7.\u003c/p\u003e"
}
],
"value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in N-Media Simple User Registration wp-registration allows Authentication Bypass.This issue affects Simple User Registration: from n/a through \u003c= 6.7."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:10:25.561Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/wp-registration/vulnerability/wordpress-simple-user-registration-plugin-5-5-account-takeover-vulnerability?_s_id=cve"
}
],
"title": "WordPress Simple User Registration plugin \u003c= 6.7 - Broken Authentication vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-49604",
"datePublished": "2024-10-20T07:56:32.685Z",
"dateReserved": "2024-10-17T09:51:09.446Z",
"dateUpdated": "2026-04-28T16:10:25.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-49675 (GCVE-0-2024-49675)
Vulnerability from cvelistv5 – Published: 2024-10-23 15:11 – Updated: 2026-05-12 22:56
VLAI
Title
WordPress iBryl Switch User plugin <= 1.0.1 - Account Takeover vulnerability
Summary
Authentication Bypass Using an Alternate Path or Channel vulnerability in Vitalii iBryl Switch User ibryl-switch-user allows Authentication Bypass.This issue affects iBryl Switch User: from n/a through <= 1.0.1.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Vitalii | iBryl Switch User |
Affected:
0 , ≤ 1.0.1
(custom)
|
Date Public
2026-04-01 16:28
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49675",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T15:37:34.982679Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T22:56:36.488Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "ibryl-switch-user",
"product": "iBryl Switch User",
"vendor": "Vitalii",
"versions": [
{
"lessThanOrEqual": "1.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "stealthcopter | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:28:26.683Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Vitalii iBryl Switch User ibryl-switch-user allows Authentication Bypass.\u003cp\u003eThis issue affects iBryl Switch User: from n/a through \u003c= 1.0.1.\u003c/p\u003e"
}
],
"value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Vitalii iBryl Switch User ibryl-switch-user allows Authentication Bypass.This issue affects iBryl Switch User: from n/a through \u003c= 1.0.1."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:10:27.275Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/ibryl-switch-user/vulnerability/wordpress-ibryl-switch-user-plugin-1-0-1-account-takeover-vulnerability?_s_id=cve"
}
],
"title": "WordPress iBryl Switch User plugin \u003c= 1.0.1 - Account Takeover vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-49675",
"datePublished": "2024-10-23T15:11:19.531Z",
"dateReserved": "2024-10-17T09:52:10.631Z",
"dateUpdated": "2026-05-12T22:56:36.488Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-50334 (GCVE-0-2024-50334)
Vulnerability from cvelistv5 – Published: 2024-10-29 14:36 – Updated: 2024-10-29 14:53
VLAI
Title
Semicolon Path Injection on API /api;/config
Summary
Scoold is a Q&A and a knowledge sharing platform for teams. A semicolon path injection vulnerability was found on the /api;/config endpoint. By appending a semicolon in the URL, attackers can bypass authentication and gain unauthorised access to sensitive configuration data. Furthermore, PUT requests on the /api;/config endpoint while setting the Content-Type: application/hocon header allow unauthenticated attackers to file reading via HOCON file inclusion. This allows attackers to retrieve sensitive information such as configuration files from the server, which can be leveraged for further exploitation. The vulnerability has been fixed in Scoold 1.64.0. A workaround would be to disable the Scoold API with scoold.api_enabled = false.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/Erudika/scoold/security/adviso… | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:erudika:scoold:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scoold",
"vendor": "erudika",
"versions": [
{
"lessThan": "1.64.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-50334",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-29T14:51:53.758265Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T14:53:25.455Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "scoold",
"vendor": "Erudika",
"versions": [
{
"status": "affected",
"version": "\u003c 1.64.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Scoold is a Q\u0026A and a knowledge sharing platform for teams. A semicolon path injection vulnerability was found on the /api;/config endpoint. By appending a semicolon in the URL, attackers can bypass authentication and gain unauthorised access to sensitive configuration data. Furthermore, PUT requests on the /api;/config endpoint while setting the Content-Type: application/hocon header allow unauthenticated attackers to file reading via HOCON file inclusion. This allows attackers to retrieve sensitive information such as configuration files from the server, which can be leveraged for further exploitation. The vulnerability has been fixed in Scoold 1.64.0. A workaround would be to disable the Scoold API with scoold.api_enabled = false."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288: Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T14:36:13.466Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/Erudika/scoold/security/advisories/GHSA-fhwp-f6g7-rr3p",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Erudika/scoold/security/advisories/GHSA-fhwp-f6g7-rr3p"
}
],
"source": {
"advisory": "GHSA-fhwp-f6g7-rr3p",
"discovery": "UNKNOWN"
},
"title": "Semicolon Path Injection on API /api;/config"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-50334",
"datePublished": "2024-10-29T14:36:13.466Z",
"dateReserved": "2024-10-22T17:54:40.954Z",
"dateUpdated": "2024-10-29T14:53:25.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-50477 (GCVE-0-2024-50477)
Vulnerability from cvelistv5 – Published: 2024-10-28 11:23 – Updated: 2026-04-28 16:10
VLAI
Title
WordPress Stacks Mobile App Builder plugin <= 5.2.3 - Account Takeover vulnerability
Summary
Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile App Builder stacks-mobile-app-builder allows Authentication Bypass.This issue affects Stacks Mobile App Builder: from n/a through <= 5.2.3.
Severity
9.8 (Critical)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Stacks | Stacks Mobile App Builder |
Affected:
0 , ≤ 5.2.3
(custom)
|
|
| stacks | stacks_mobile_app_builder |
Affected:
0 , ≤ 5.2.3
(custom)
cpe:2.3:a:stacks:stacks_mobile_app_builder:*:*:*:*:*:*:*:* |
Date Public
2026-04-01 16:28
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:stacks:stacks_mobile_app_builder:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "stacks_mobile_app_builder",
"vendor": "stacks",
"versions": [
{
"lessThanOrEqual": "5.2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-50477",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-28T12:15:56.227061Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-28T12:20:13.959Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "stacks-mobile-app-builder",
"product": "Stacks Mobile App Builder",
"vendor": "Stacks",
"versions": [
{
"lessThanOrEqual": "5.2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "stealthcopter | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:28:52.921Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile App Builder stacks-mobile-app-builder allows Authentication Bypass.\u003cp\u003eThis issue affects Stacks Mobile App Builder: from n/a through \u003c= 5.2.3.\u003c/p\u003e"
}
],
"value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile App Builder stacks-mobile-app-builder allows Authentication Bypass.This issue affects Stacks Mobile App Builder: from n/a through \u003c= 5.2.3."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:10:29.752Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/stacks-mobile-app-builder/vulnerability/wordpress-stacks-mobile-app-builder-plugin-5-2-3-account-takeover-vulnerability?_s_id=cve"
}
],
"title": "WordPress Stacks Mobile App Builder plugin \u003c= 5.2.3 - Account Takeover vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-50477",
"datePublished": "2024-10-28T11:23:07.082Z",
"dateReserved": "2024-10-24T07:26:38.824Z",
"dateUpdated": "2026-04-28T16:10:29.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-50486 (GCVE-0-2024-50486)
Vulnerability from cvelistv5 – Published: 2024-10-28 11:19 – Updated: 2026-05-12 22:58
VLAI
Title
WordPress Acnoo Flutter API plugin <= 1.0.5 - Account Takeover vulnerability
Summary
Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo Acnoo Flutter API acnoo-flutter-api allows Authentication Bypass.This issue affects Acnoo Flutter API: from n/a through <= 1.0.5.
Severity
9.8 (Critical)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Acnoo | Acnoo Flutter API |
Affected:
0 , ≤ 1.0.5
(custom)
|
|
| acnoo | acnoo_flutter_api |
Affected:
0 , ≤ 1.0.5
(custom)
cpe:2.3:a:acnoo:acnoo_flutter_api:*:*:*:*:*:*:*:* |
Date Public
2026-04-01 16:28
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:acnoo:acnoo_flutter_api:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acnoo_flutter_api",
"vendor": "acnoo",
"versions": [
{
"lessThanOrEqual": "1.0.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-50486",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-28T12:21:27.270674Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T22:58:18.623Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "acnoo-flutter-api",
"product": "Acnoo Flutter API",
"vendor": "Acnoo",
"versions": [
{
"lessThanOrEqual": "1.0.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "stealthcopter | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:28:54.659Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo Acnoo Flutter API acnoo-flutter-api allows Authentication Bypass.\u003cp\u003eThis issue affects Acnoo Flutter API: from n/a through \u003c= 1.0.5.\u003c/p\u003e"
}
],
"value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo Acnoo Flutter API acnoo-flutter-api allows Authentication Bypass.This issue affects Acnoo Flutter API: from n/a through \u003c= 1.0.5."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:10:30.276Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/acnoo-flutter-api/vulnerability/wordpress-acnoo-flutter-api-plugin-1-0-5-account-takeover-vulnerability?_s_id=cve"
}
],
"title": "WordPress Acnoo Flutter API plugin \u003c= 1.0.5 - Account Takeover vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-50486",
"datePublished": "2024-10-28T11:19:18.236Z",
"dateReserved": "2024-10-24T07:26:38.825Z",
"dateUpdated": "2026-05-12T22:58:18.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-50487 (GCVE-0-2024-50487)
Vulnerability from cvelistv5 – Published: 2024-10-28 11:17 – Updated: 2026-05-12 22:58
VLAI
Title
WordPress MaanStore API plugin <= 1.0.1 - Account Takeover vulnerability
Summary
Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo MaanStore API maanstore-api allows Authentication Bypass.This issue affects MaanStore API: from n/a through <= 1.0.1.
Severity
9.8 (Critical)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Acnoo | MaanStore API |
Affected:
0 , ≤ 1.0.1
(custom)
|
|
| maantheme | maanstore_api |
Affected:
0 , ≤ 1.0.1
(custom)
cpe:2.3:a:maantheme:maanstore_api:*:*:*:*:*:*:*:* |
Date Public
2026-04-01 16:28
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:maantheme:maanstore_api:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "maanstore_api",
"vendor": "maantheme",
"versions": [
{
"lessThanOrEqual": "1.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-50487",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-28T12:25:10.993370Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T22:58:04.156Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "maanstore-api",
"product": "MaanStore API",
"vendor": "Acnoo",
"versions": [
{
"lessThanOrEqual": "1.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "stealthcopter | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:28:55.038Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo MaanStore API maanstore-api allows Authentication Bypass.\u003cp\u003eThis issue affects MaanStore API: from n/a through \u003c= 1.0.1.\u003c/p\u003e"
}
],
"value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo MaanStore API maanstore-api allows Authentication Bypass.This issue affects MaanStore API: from n/a through \u003c= 1.0.1."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:10:30.195Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/maanstore-api/vulnerability/wordpress-maanstore-api-plugin-1-0-1-account-takeover-vulnerability?_s_id=cve"
}
],
"title": "WordPress MaanStore API plugin \u003c= 1.0.1 - Account Takeover vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-50487",
"datePublished": "2024-10-28T11:17:40.048Z",
"dateReserved": "2024-10-24T07:26:46.795Z",
"dateUpdated": "2026-05-12T22:58:04.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Phase: Architecture and Design
Description:
- Funnel all access through a single choke point to simplify how users can access a resource. For every access, perform a check to determine if the user has permissions to access the resource.
CAPEC-127: Directory Indexing
An adversary crafts a request to a target that results in the target listing/indexing the content of a directory as output. One common method of triggering directory contents as output is to construct a request containing a path that terminates in a directory name rather than a file name since many applications are configured to provide a list of the directory's contents when such a request is received. An adversary can use this to explore the directory tree on a target as well as learn the names of files. This can often end up revealing test files, backup files, temporary files, hidden files, configuration files, user accounts, script contents, as well as naming conventions, all of which can be used by an attacker to mount additional attacks.
CAPEC-665: Exploitation of Thunderbolt Protection Flaws
An adversary leverages a firmware weakness within the Thunderbolt protocol, on a computing device to manipulate Thunderbolt controller firmware in order to exploit vulnerabilities in the implementation of authorization and verification schemes within Thunderbolt protection mechanisms. Upon gaining physical access to a target device, the adversary conducts high-level firmware manipulation of the victim Thunderbolt controller SPI (Serial Peripheral Interface) flash, through the use of a SPI Programing device and an external Thunderbolt device, typically as the target device is booting up. If successful, this allows the adversary to modify memory, subvert authentication mechanisms, spoof identities and content, and extract data and memory from the target device. Currently 7 major vulnerabilities exist within Thunderbolt protocol with 9 attack vectors as noted in the Execution Flow.