CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24554 – Bludit - Insecure Token Generation
https://notcve.org/view.php?id=CVE-2024-24554
Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit API. Bludit utiliza métodos predecibles en combinación con el algoritmo hash MD5 para generar tokens confidenciales, como el token API y el token de usuario. Esto permite a los atacantes autenticarse en la API de Bludit. • https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit • CWE-287: Improper Authentication CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24553 – Bludit uses SHA1 as Password Hashing Algorithm
https://notcve.org/view.php?id=CVE-2024-24553
Bludit uses the SHA-1 hashing algorithm to compute password hashes. Thus, attackers could determine cleartext passwords with brute-force attacks due to the inherent speed of SHA-1. In addition, the salt that is computed by Bludit is generated with a non-cryptographically secure function. Bludit utiliza el algoritmo hash SHA-1 para calcular hashes de contraseñas. Por lo tanto, los atacantes podrían determinar contraseñas de texto sin cifrar con ataques de fuerza bruta debido a la velocidad inherente de SHA-1. • https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit • CWE-916: Use of Password Hash With Insufficient Computational Effort •
CVSS: 5.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24552 – Bludit is Vulnerable to Session Fixation
https://notcve.org/view.php?id=CVE-2024-24552
A session fixation vulnerability in Bludit allows an attacker to bypass the server's authentication if they can trick an administrator or any other user into authorizing a session ID of their choosing. Una vulnerabilidad de fijación de sesión en Bludit permite a un atacante eludir la autenticación del servidor si puede engañar a un administrador o cualquier otro usuario para que autorice una ID de sesión de su elección. • https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit • CWE-384: Session Fixation •
CVSS: 8.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24550 – Bludit - Remote Code Execution (RCE) through File API
https://notcve.org/view.php?id=CVE-2024-24550
A security vulnerability has been identified in Bludit, allowing attackers with knowledge of the API token to upload arbitrary files through the File API which leads to arbitrary code execution on the server. This vulnerability arises from improper handling of file uploads, enabling malicious actors to upload and execute PHP files. Se ha identificado una vulnerabilidad de seguridad en Bludit, que permite a atacantes con conocimiento del token API cargar archivos arbitrarios a través de File API, lo que conduce a la ejecución de código arbitrario en el servidor. Esta vulnerabilidad surge del manejo inadecuado de la carga de archivos, lo que permite a actores malintencionados cargar y ejecutar archivos PHP. • https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-434: Unrestricted Upload of File with Dangerous Type CWE-502: Deserialization of Untrusted Data •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-25297
https://notcve.org/view.php?id=CVE-2024-25297
Cross Site Scripting (XSS) vulnerability in Bludit CMS version 3.15, allows remote attackers to execute arbitrary code and obtain sensitive information via edit-content.php. Vulnerabilidad de Cross Site Scripting (XSS) en Bludit CMS versión 3.15, permite a atacantes remotos ejecutar código arbitrario y obtener información confidencial a través de edit-content.php. • https://github.com/CpyRe/I-Find-CVE-2024/blob/main/BLUDIT%20Stored%20XSS.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •