CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-50707

Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary code via the X-Forwarded-For header in an HTTP GET request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 64.0%

CVSS Severity

CVSS v3 Score 10.0

References

https://uniguest.com/cve-bulletins/
https://uniguest.com/wp-content/uploads/2025/02/CVE-2024-50707-Vulnerability-Summary.pdf

Products affected by CVE-2024-50707

Uniguest » Tripleplay » Version: 23.1

cpe:2.3:a:uniguest:tripleplay:23.1
Uniguest » Tripleplay » Version: 24.1

cpe:2.3:a:uniguest:tripleplay:24.1
Uniguest » Tripleplay » Version: 24.1.1

cpe:2.3:a:uniguest:tripleplay:24.1.1
Uniguest » Tripleplay » Version: 24.2

cpe:2.3:a:uniguest:tripleplay:24.2
Uniguest » Tripleplay » Version: 3.4.0

cpe:2.3:a:uniguest:tripleplay:3.4.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-50707

Products

Pricing

Contact Us