How severe is CVE-2024-28826?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.1 out of 10.

What type of vulnerability is CVE-2024-28826?

This is classified as CWE-73, which is a common weakness in software security.

CVE-2024-28826

HIGH Year: 2024

CVSS v3 Score

8.1

High

Weakness Type

CWE-73

View all →

Vulnerability Description

Improper restriction of local upload and download paths in check_sftp in Checkmk before 2.3.0p4, 2.2.0p27, 2.1.0p44, and in Checkmk 2.0.0 (EOL) allows attackers with sufficient permissions to configure the check to read and write local files on the Checkmk site server.

CVE-2023-3256

HIGH

CVSS:8.1(High)

Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files.

CWE-732023

CVE-2023-32615

HIGH

CVSS:8.1(High)

A file write vulnerability exists in the OAS Engine configuration functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitra...

CWE-732023

CVE-2024-10361

HIGH

CVSS:8.1(High)

An arbitrary file deletion vulnerability exists in danny-avila/librechat version v0.7.5-rc2, specifically within the /api/files endpoint. This vulnerability arises from improper input validation, allo...

CWE-732024

CVE-2024-20652

HIGH

CVSS:8.1(High)

Windows HTML Platforms Security Feature Bypass Vulnerability

CWE-732024

CVE-2024-38049

HIGH

CVSS:8.1(High)

Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability

CWE-732024

CVE-2024-7626

HIGH

CVSS:8.1(High)

The WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) plugin for WordPress is vulnerable to arbitrary file movement and reading due to insufficient file path validation in th...

CWE-732024

CVE-2024-28826

Vulnerability Description

Related Vulnerabilities

CVE-2023-3256

CVE-2023-32615

CVE-2024-10361

CVE-2024-20652

CVE-2024-38049

CVE-2024-7626