Main Vulnerability Database Exploits ID:10597 - Exploit for OS Command Injection in Expedition - CVE-2024-9464

ID:10597 - Exploit for OS Command Injection in Expedition - CVE-2024-9464

Published: October 11, 2024

Vulnerability identifier: #VU98384

Vulnerability risk: High

CVE-ID: CVE-2024-9464

CWE-ID: CWE-78

Exploitation vector: Remote access

Vulnerable software:
Expedition

Link to public exploit:

https://github.com/horizon3ai/CVE-2024-9464

Vulnerability description

The vulnerability allows a remote user to escalate privileges on the system.

The vulnerability exists due to improper input validation. A remote authenticated user can pass specially crafted request to the system and execute arbitrary OS commands as root.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install updates from vendor's website.

ID:10597 - Exploit for OS Command Injection in Expedition - CVE-2024-9464

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human