| TVN ID | TVN-202410004 |
|---|---|
| CVE ID | CVE-2024-9924 |
| CVSS | 9.8 (Critical) CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Affected Products | Affected package version:OAKlouds-webbase-2.0 before version 1162 OAKlouds-webbase-3.0 before version 1162 |
| Description | The fix for CVE-2024-26261 was incomplete, and and the specific package for OAKlouds from Hgiga remains at risk. Unauthenticated remote attackers still can download arbitrary system files, which may be deleted subsequently . |
| Solution | Update OAKlouds-webbase-2.0 to version 1162 or later. Update OAKlouds-webbase-3.0 to version 1162 or later. |
| Credit | Kun Xian Lin (DEVCORE) |
| Public Date | 2024-10-14 |
:::