Vulnerability Details CVE-2024-22851
Directory Traversal Vulnerability in LiveConfig before v.2.5.2 allows a remote attacker to obtain sensitive information via a crafted request to the /static/ endpoint.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.8%
CVSS Severity
CVSS v3 Score 7.5
References
- https://raeph123.github.io/BlogPosts/LiveConfig/LiveConfig_Advisory_CVE-2024-22851_en.html
- https://www.drive-byte.de/en/blog/liveconfig-advisory-cve-2024-22851
- https://www.liveconfig.com/de/kb/cve/cve-2024-22851/
- https://www.drive-byte.de/en/blog/liveconfig-advisory-cve-2024-22851
- https://www.liveconfig.com/de/kb/cve/cve-2024-22851/
Products affected by CVE-2024-22851
-
cpe:2.3:a:liveconfig:liveconfig:*