CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2024-43363 – Remote code execution via Log Poisoning in Cacti
https://notcve.org/view.php?id=CVE-2024-43363
An admin user can create a device with a malicious hostname containing php code and repeat the installation process (completing only step 5 of the installation process is enough, no need to complete the steps before or after it) to use a php file as the cacti log file. After having the malicious hostname end up in the logs (log poisoning), one can simply go to the log file url to execute commands to achieve RCE. This issue has been addressed in version 1.2.28 and all users are advised to upgrade. • https://github.com/p33d/CVE-2024-43363 https://github.com/Cacti/cacti/security/advisories/GHSA-gxq4-mv8h-6qj4 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-45291 – Path traversal and Server-Side Request Forgery in HTML writer when embedding images is enabled in PHPSpreadsheet
https://notcve.org/view.php?id=CVE-2024-45291
Note that any PHP protocol wrappers can be used, meaning that if for example the `expect://` wrapper is enabled, also remote code execution is possible. • https://github.com/PHPOffice/PhpSpreadsheet/security/advisories/GHSA-w9xv-qf98-ccq4 • CWE-36: Absolute Path Traversal CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-31449 – Lua library commands may lead to stack overflow and RCE in Redis
https://notcve.org/view.php?id=CVE-2024-31449
An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. • https://github.com/redis/redis/commit/1f7c148be2cbacf7d50aa461c58b871e87cc5ed9 https://github.com/redis/redis/security/advisories/GHSA-whxg-wx83-85p5 • CWE-20: Improper Input Validation CWE-121: Stack-based Buffer Overflow •
CVSS: 7.6EPSS: 0%CPEs: -EXPL: 0CVE-2024-47559 – Authenticated RCE via Path Traversal
https://notcve.org/view.php?id=CVE-2024-47559
Authenticated RCE via Path Traversal • https://securitydocs.business.xerox.com/wp-content/uploads/2024/10/Xerox-Security-Bulletin-XRX24-014-for-Xerox%C2%AE-FreeFlow%C2%AE-Core-v7.0-.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.6EPSS: 0%CPEs: -EXPL: 0CVE-2024-47558 – Authenticated RCE via Path Traversal
https://notcve.org/view.php?id=CVE-2024-47558
Authenticated RCE via Path Traversal • https://securitydocs.business.xerox.com/wp-content/uploads/2024/10/Xerox-Security-Bulletin-XRX24-014-for-Xerox%C2%AE-FreeFlow%C2%AE-Core-v7.0-.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •