Vulnerability Details CVE-2024-55063
Multiple Code Injection vulnerabilities in EasyVirt DC NetScope <= 8.7.0 allows remote authenticated attackers to execute arbitrary code via the (1) lang parameter to /international/keyboard/options; the (2) keyboard_layout or (3) keyboard_variant parameter to /international/settings/keyboard; the (4) timezone parameter to /international/settings/timezone.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.4%
CVSS Severity
CVSS v3 Score 8.8
Products affected by CVE-2024-55063
-
cpe:2.3:a:easyvirt:dc_netscope:*