CVE-2024-3444

MEDIUM Year: 2024
CVSS v3 Score
4.7
Medium
CVSS v2 Score
5.8
Medium
Weakness Type
CWE-434
View all →

Vulnerability Description

A vulnerability was found in Wangshen SecGate 3600 up to 20240408. It has been classified as critical. This affects an unknown part of the file /?g=net_pro_keyword_import_save. The manipulation of the argument reqfile leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259701 was assigned to this vulnerability.

Related Vulnerabilities

CVE-2022-4732

MEDIUM
CVSS:4.7(Medium)

Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.3.2.

CWE-4342022

CVE-2023-6794

MEDIUM
CVSS:4.7(Medium)

An arbitrary file upload vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and potentia...

CWE-4342023

CVE-2024-3117

MEDIUM
CVSS:4.7(Medium)

A vulnerability classified as critical was found in YouDianCMS up to 9.5.12. This vulnerability affects unknown code of the file App\Lib\Action\Admin\ChannelAction.class.php. The manipulation of the a...

CWE-4342024

CVE-2024-3521

MEDIUM
CVSS:4.7(Medium)

A vulnerability was found in Byzoro Smart S80 Management Platform up to 20240317. It has been rated as critical. Affected by this issue is some unknown functionality of the file /useratte/userattestat...

CWE-4342024

CVE-2024-45644

MEDIUM
CVSS:4.7(Medium)

IBM Security ReaQta 3.12 allows a privileged user to upload or transfer files of dangerous types that can be automatically processed within the product's environment.

CWE-4342024

CVE-2024-45965

MEDIUM
CVSS:4.7(Medium)

Contao before 5.5.6 allows XSS via an SVG document. This affects (in contao/core-bundle in Composer) 4.x before 4.13.54, 5.0.x through 5.3.x before 5.3.30, and 5.4.x and 5.5..x before 5.5.6.

CWE-4342024