CVE-2024-37769
HIGHDescription
Insecure permissions in 14Finger v1.1 allow attackers to escalate privileges from normal user to Administrator via a crafted POST request.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| b1ackc4t | 14finger |
References
Frequently Asked Questions
What is CVE-2024-37769? +
How severe is CVE-2024-37769? +
What products are affected by CVE-2024-37769? +
How do I check if I'm vulnerable to CVE-2024-37769? +
Related Vulnerabilities
Insecure permissions in chaos-mesh v2.6.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token.
Insecure preserved inherited permissions vulnerability in Cerberus FTP Server on Windows allows Privilege Escalation.This issue has been resolved in Cerberus …
IBM i 7.6 contains a privilege escalation vulnerability due to incorrect profile swapping in an OS command. A malicious actor …
Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build …
14Finger v1.1 was discovered to contain an arbitrary user deletion vulnerability via the component /api/admin/user?id.
14Finger v1.1 was discovered to contain a remote command execution (RCE) vulnerability in the fingerprint function. This vulnerability allows attackers …