← back
CVE-2024-30802

CVE-2024-30802

CVSS 9.8 CRITICALEPSS 0.5%CWE-1393
In short

A flaw in Vehicle Management System version 7.31.0.3_20230412 allows attackers to gain administrator privileges through the login page, bypassing normal user access restrictions.

Technical detail

CWE-1393 vulnerability in the login.html component enables privilege escalation without authentication or with minimal pre-conditions. An attacker can exploit this to obtain administrative access to the system, compromising confidentiality, integrity, and availability of vehicle management data.

Summary generated and translated by AI from the official description.
An issue in Vehicle Management System 7.31.0.3_20230412 allows an attacker to escalate privileges via the login.html component.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/WarmBrew/web_vul/blob/main/CVES/CVE-2024-30802.mdhttps://github.com/WarmBrew/web_vul/blob/main/TTX.md