CVE-2024-9924

Critical

The fix for CVE-2024-26261 was incomplete, and and the specific package for OAKlouds from Hgiga remains at risk. Unauthenticated remote…

twcert·CWE-36·Published 2024-10-14

CVSS

9.8

EPSS

0.01

KEV

Exploits

cve.orgen

224 chars

The fix for CVE-2024-26261 was incomplete, and and the specific package for OAKlouds from Hgiga remains at risk. Unauthenticated remote attackers still can download arbitrary system files, which may be deleted subsequently .

NVDen

224 chars

NVDes

241 chars

La corrección de CVE-2024-26261 no fue completa y el paquete específico para OAKlouds de Hgiga sigue en riesgo. Los atacantes remotos no autenticados aún pueden descargar archivos de sistema arbitrarios, que pueden eliminarse posteriormente.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H