Vulnerability Details CVE-2024-24122
A remote code execution vulnerability in the project management of Wanxing Technology's Yitu project which allows an attacker to use the exp.adpx file as a zip compressed file to construct a special file name, which can be used to decompress the project file into the system startup folder, restart the system, and automatically execute the constructed attack script.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.1%
CVSS Severity
CVSS v3 Score 3.3
Products affected by CVE-2024-24122
-
cpe:2.3:a:wondershare:edraw:3.2.2