CWE-266
Incorrect Privilege Assignment
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
CVE-2024-13206 (GCVE-0-2024-13206)
Vulnerability from cvelistv5 – Published: 2025-01-09 03:00 – Updated: 2025-01-09 15:58
VLAI
Title
REVE Antivirus reveinstall default permission
Summary
A vulnerability classified as critical has been found in REVE Antivirus 1.0.0.0 on Linux. This affects an unknown part of the file /usr/local/reveantivirus/tmp/reveinstall. The manipulation leads to incorrect default permissions. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.290799 | vdb-entry |
| https://vuldb.com/?ctiid.290799 | signaturepermissions-required |
| https://vuldb.com/?submit.471160 | third-party-advisory |
| https://github.com/hawkteam404/RnD_Public/blob/ma… | exploit |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13206",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-09T15:57:38.468947Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T15:58:14.785Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Antivirus",
"vendor": "REVE",
"versions": [
{
"status": "affected",
"version": "1.0.0.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "FPT IS Security (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in REVE Antivirus 1.0.0.0 on Linux. This affects an unknown part of the file /usr/local/reveantivirus/tmp/reveinstall. The manipulation leads to incorrect default permissions. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in REVE Antivirus 1.0.0.0 f\u00fcr Linux entdeckt. Sie wurde als kritisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Datei /usr/local/reveantivirus/tmp/reveinstall. Durch die Manipulation mit unbekannten Daten kann eine incorrect default permissions-Schwachstelle ausgenutzt werden. Der Angriff muss lokal erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T03:00:09.484Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-290799 | REVE Antivirus reveinstall default permission",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.290799"
},
{
"name": "VDB-290799 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.290799"
},
{
"name": "Submit #471160 | REVE Antivirus Antivirus for Linux 1.0.0.0 Incorrect Default Permissions",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.471160"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/hawkteam404/RnD_Public/blob/main/reve_av_multiple_vuln.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-01-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-01-08T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-01-08T16:16:57.000Z",
"value": "VulDB entry last update"
}
],
"title": "REVE Antivirus reveinstall default permission"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-13206",
"datePublished": "2025-01-09T03:00:09.484Z",
"dateReserved": "2025-01-08T15:11:48.556Z",
"dateUpdated": "2025-01-09T15:58:14.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13211 (GCVE-0-2024-13211)
Vulnerability from cvelistv5 – Published: 2025-01-09 03:31 – Updated: 2025-01-09 15:46
VLAI
Title
SingMR HouseRent AdminController.java access control
Summary
A vulnerability was found in SingMR HouseRent 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file src/main/java/com/house/wym/controller/AdminController.java. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity
6.3 (Medium)
6.3 (Medium)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.290816 | vdb-entry |
| https://vuldb.com/?ctiid.290816 | signaturepermissions-required |
| https://vuldb.com/?submit.471427 | third-party-advisory |
| https://github.com/SingMR/HouseRent/issues/12 | issue-tracking |
| https://github.com/SingMR/HouseRent/issues/12#iss… | exploitissue-tracking |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13211",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-09T15:46:33.467782Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T15:46:38.557Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HouseRent",
"vendor": "SingMR",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "LVZC2 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SingMR HouseRent 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file src/main/java/com/house/wym/controller/AdminController.java. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "de",
"value": "Eine kritische Schwachstelle wurde in SingMR HouseRent 1.0 ausgemacht. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion der Datei src/main/java/com/house/wym/controller/AdminController.java. Durch das Beeinflussen mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T03:31:06.175Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-290816 | SingMR HouseRent AdminController.java access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.290816"
},
{
"name": "VDB-290816 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.290816"
},
{
"name": "Submit #471427 | SingMR HouseRent 1.0 Unauthorized access",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.471427"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/SingMR/HouseRent/issues/12"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/SingMR/HouseRent/issues/12#issue-2762124045"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-01-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-01-08T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-01-08T17:59:38.000Z",
"value": "VulDB entry last update"
}
],
"title": "SingMR HouseRent AdminController.java access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-13211",
"datePublished": "2025-01-09T03:31:06.175Z",
"dateReserved": "2025-01-08T16:54:31.762Z",
"dateUpdated": "2025-01-09T15:46:38.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13248 (GCVE-0-2024-13248)
Vulnerability from cvelistv5 – Published: 2025-01-09 18:53 – Updated: 2025-01-10 21:18
VLAI
Title
Private content - Moderately critical - Access bypass - SA-CONTRIB-2024-012
Summary
Incorrect Privilege Assignment vulnerability in Drupal Private content allows Target Influence via Framing.This issue affects Private content: from 0.0.0 before 2.1.0.
Severity
5.5 (Medium)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Drupal | Private content |
Affected:
0.0.0 , < 2.1.0
(semver)
|
Date Public
2024-02-28 18:19
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-13248",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-10T21:17:46.559794Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T21:18:54.261Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.drupal.org/project/private_content",
"defaultStatus": "unaffected",
"product": "Private content",
"repo": "https://git.drupalcode.org/project/private_content",
"vendor": "Drupal",
"versions": [
{
"lessThan": "2.1.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "kiwimind"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Adam Shepherd"
},
{
"lang": "en",
"type": "coordinator",
"value": "Greg Knaddison"
},
{
"lang": "en",
"type": "coordinator",
"value": "Juraj Nemec"
}
],
"datePublic": "2024-02-28T18:19:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect Privilege Assignment vulnerability in Drupal Private content allows Target Influence via Framing.\u003cp\u003eThis issue affects Private content: from 0.0.0 before 2.1.0.\u003c/p\u003e"
}
],
"value": "Incorrect Privilege Assignment vulnerability in Drupal Private content allows Target Influence via Framing.This issue affects Private content: from 0.0.0 before 2.1.0."
}
],
"impacts": [
{
"capecId": "CAPEC-425",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-425 Target Influence via Framing"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T18:53:58.956Z",
"orgId": "2c85b837-eb8b-40ed-9d74-228c62987387",
"shortName": "drupal"
},
"references": [
{
"url": "https://www.drupal.org/sa-contrib-2024-012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Private content - Moderately critical - Access bypass - SA-CONTRIB-2024-012",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2c85b837-eb8b-40ed-9d74-228c62987387",
"assignerShortName": "drupal",
"cveId": "CVE-2024-13248",
"datePublished": "2025-01-09T18:53:58.956Z",
"dateReserved": "2025-01-09T18:27:10.282Z",
"dateUpdated": "2025-01-10T21:18:54.261Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13251 (GCVE-0-2024-13251)
Vulnerability from cvelistv5 – Published: 2025-01-09 18:58 – Updated: 2025-01-10 17:06
VLAI
Title
Registration role - Critical - Access bypass - SA-CONTRIB-2024-015
Summary
Incorrect Privilege Assignment vulnerability in Drupal Registration role allows Privilege Escalation.This issue affects Registration role: from 0.0.0 before 2.0.1.
Severity
8.8 (High)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Drupal | Registration role |
Affected:
0.0.0 , < 2.0.1
(semver)
|
Date Public
2024-03-06 17:06
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-13251",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-10T17:06:17.376962Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T17:06:53.687Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.drupal.org/project/registration_role",
"defaultStatus": "unaffected",
"product": "Registration role",
"repo": "https://git.drupalcode.org/project/registration_role",
"vendor": "Drupal",
"versions": [
{
"lessThan": "2.0.1",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Pamela Barone"
},
{
"lang": "en",
"type": "finder",
"value": "Renaud Joubert"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Juraj Nemec"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Benjamin Melan\u00c3\u00a7on"
},
{
"lang": "en",
"type": "coordinator",
"value": "Juraj Nemec"
},
{
"lang": "en",
"type": "coordinator",
"value": "Greg Knaddison"
},
{
"lang": "en",
"type": "coordinator",
"value": "Drew Webber"
}
],
"datePublic": "2024-03-06T17:06:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect Privilege Assignment vulnerability in Drupal Registration role allows Privilege Escalation.\u003cp\u003eThis issue affects Registration role: from 0.0.0 before 2.0.1.\u003c/p\u003e"
}
],
"value": "Incorrect Privilege Assignment vulnerability in Drupal Registration role allows Privilege Escalation.This issue affects Registration role: from 0.0.0 before 2.0.1."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T18:58:16.356Z",
"orgId": "2c85b837-eb8b-40ed-9d74-228c62987387",
"shortName": "drupal"
},
"references": [
{
"url": "https://www.drupal.org/sa-contrib-2024-015"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Registration role - Critical - Access bypass - SA-CONTRIB-2024-015",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2c85b837-eb8b-40ed-9d74-228c62987387",
"assignerShortName": "drupal",
"cveId": "CVE-2024-13251",
"datePublished": "2025-01-09T18:58:16.356Z",
"dateReserved": "2025-01-09T18:27:13.220Z",
"dateUpdated": "2025-01-10T17:06:53.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13421 (GCVE-0-2024-13421)
Vulnerability from cvelistv5 – Published: 2025-02-12 04:22 – Updated: 2026-04-08 17:13
VLAI
Title
Real Estate 7 WordPress <= 3.5.1 - Unauthenticated Privilege Escalation to Administrator
Summary
The Real Estate 7 WordPress theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.5.1. This is due to the plugin not properly restricting the roles allowed to be selected during registration. This makes it possible for unauthenticated attackers to register a new administrative user account.
Severity
9.8 (Critical)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| contempoinc | Real Estate 7 WordPress |
Affected:
0 , ≤ 3.5.1
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13421",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T16:00:43.346525Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T16:09:23.340Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Real Estate 7 WordPress",
"vendor": "contempoinc",
"versions": [
{
"lessThanOrEqual": "3.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lucio S\u00e1"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Real Estate 7 WordPress theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.5.1. This is due to the plugin not properly restricting the roles allowed to be selected during registration. This makes it possible for unauthenticated attackers to register a new administrative user account."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:13:12.371Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a50b3304-d55b-487a-8137-d5083c704cf4?source=cve"
},
{
"url": "https://themeforest.net/item/wp-pro-real-estate-7-responsive-real-estate-wordpress-theme/12473778"
},
{
"url": "https://contempothemes.com/changelog/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-11T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Real Estate 7 WordPress \u003c= 3.5.1 - Unauthenticated Privilege Escalation to Administrator"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-13421",
"datePublished": "2025-02-12T04:22:15.326Z",
"dateReserved": "2025-01-15T18:49:58.633Z",
"dateUpdated": "2026-04-08T17:13:12.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-20320 (GCVE-0-2024-20320)
Vulnerability from cvelistv5 – Published: 2024-03-13 16:41 – Updated: 2024-08-16 18:53
VLAI
Summary
A vulnerability in the SSH client feature of Cisco IOS XR Software for Cisco 8000 Series Routers and Cisco Network Convergence System (NCS) 540 Series and 5700 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device.
This vulnerability is due to insufficient validation of arguments that are included with the SSH client CLI command. An attacker with low-privileged access to an affected device could exploit this vulnerability by issuing a crafted SSH client command to the CLI. A successful exploit could allow the attacker to elevate privileges to root on the affected device.
Severity
7.8 (High)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco IOS XR Software |
Affected:
7.2.1
Affected: 7.2.2 Affected: 7.3.1 Affected: 7.3.15 Affected: 7.3.2 Affected: 7.3.3 Affected: 7.3.5 Affected: 7.4.1 Affected: 7.4.2 Affected: 7.5.1 Affected: 7.5.3 Affected: 7.5.2 Affected: 7.5.4 Affected: 7.5.5 Affected: 7.6.1 Affected: 7.6.2 Affected: 7.7.1 Affected: 7.7.2 Affected: 7.7.21 Affected: 7.8.1 Affected: 7.8.2 Affected: 7.9.1 Affected: 7.9.2 Affected: 7.9.21 Affected: 7.10.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.846Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-iosxr-ssh-privesc-eWDMKew3",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ssh-privesc-eWDMKew3"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ios_xr",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "7.2.1"
},
{
"status": "affected",
"version": "7.2.2"
},
{
"status": "affected",
"version": "7.3.1"
},
{
"status": "affected",
"version": "7.3.15"
},
{
"status": "affected",
"version": "7.3.2"
},
{
"status": "affected",
"version": "7.3.3"
},
{
"status": "affected",
"version": "7.3.5"
},
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "7.4.2"
},
{
"status": "affected",
"version": "7.5.1"
},
{
"status": "affected",
"version": "7.5.3"
},
{
"status": "affected",
"version": "7.5.2"
},
{
"status": "affected",
"version": "7.5.4"
},
{
"status": "affected",
"version": "7.5.5"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.6.2"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.7.2"
},
{
"status": "affected",
"version": "7.7.21"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "7.8.2"
},
{
"status": "affected",
"version": "7.9.1"
},
{
"status": "affected",
"version": "7.9.2"
},
{
"status": "affected",
"version": "7.9.21"
},
{
"status": "affected",
"version": "7.10.1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20320",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-16T04:00:53.164644Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-16T18:53:02.009Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XR Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.2.1"
},
{
"status": "affected",
"version": "7.2.2"
},
{
"status": "affected",
"version": "7.3.1"
},
{
"status": "affected",
"version": "7.3.15"
},
{
"status": "affected",
"version": "7.3.2"
},
{
"status": "affected",
"version": "7.3.3"
},
{
"status": "affected",
"version": "7.3.5"
},
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "7.4.2"
},
{
"status": "affected",
"version": "7.5.1"
},
{
"status": "affected",
"version": "7.5.3"
},
{
"status": "affected",
"version": "7.5.2"
},
{
"status": "affected",
"version": "7.5.4"
},
{
"status": "affected",
"version": "7.5.5"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.6.2"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.7.2"
},
{
"status": "affected",
"version": "7.7.21"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "7.8.2"
},
{
"status": "affected",
"version": "7.9.1"
},
{
"status": "affected",
"version": "7.9.2"
},
{
"status": "affected",
"version": "7.9.21"
},
{
"status": "affected",
"version": "7.10.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SSH client feature of Cisco IOS XR Software for Cisco 8000 Series Routers and Cisco Network Convergence System (NCS) 540 Series and 5700 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. \r\n\r This vulnerability is due to insufficient validation of arguments that are included with the SSH client CLI command. An attacker with low-privileged access to an affected device could exploit this vulnerability by issuing a crafted SSH client command to the CLI. A successful exploit could allow the attacker to elevate privileges to root on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-13T16:41:52.488Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-iosxr-ssh-privesc-eWDMKew3",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ssh-privesc-eWDMKew3"
}
],
"source": {
"advisory": "cisco-sa-iosxr-ssh-privesc-eWDMKew3",
"defects": [
"CSCwh52374"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20320",
"datePublished": "2024-03-13T16:41:52.488Z",
"dateReserved": "2023-11-08T15:08:07.632Z",
"dateUpdated": "2024-08-16T18:53:02.009Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20389 (GCVE-0-2024-20389)
Vulnerability from cvelistv5 – Published: 2024-05-16 14:08 – Updated: 2024-08-01 21:59
VLAI
Summary
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system.
This vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command with crafted arguments. A successful exploit could allow the attacker to read or write arbitrary files on the underlying operating system with the privileges of the root user.
Severity
7.8 (High)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco ConfD |
Affected:
N/A
|
|
| Cisco | Cisco ConfD Basic |
Affected:
8.0.11
|
|
| Cisco | Cisco Network Services Orchestrator |
Affected:
6.0.11
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cisco:confd:8.0.11:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "confd",
"vendor": "cisco",
"versions": [
{
"lessThan": "8.0.12",
"status": "affected",
"version": "8.0.11",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:network_services_orchestrator:6.0.11:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "network_services_orchestrator",
"vendor": "cisco",
"versions": [
{
"lessThan": "6.0.12",
"status": "affected",
"version": "6.0.11",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:cisco:network_services_orchestrator:6.2.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "network_services_orchestrator",
"vendor": "cisco",
"versions": [
{
"lessThan": "6.2.2",
"status": "affected",
"version": "6.2.1",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20389",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-16T16:46:34.641203Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:40:25.932Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-nso-rwpesc-qrQGnh3f",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-rwpesc-qrQGnh3f"
},
{
"name": "cisco-sa-cnfd-rwpesc-ZAOufyx8",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco ConfD",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"product": "Cisco ConfD Basic",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "8.0.11"
}
]
},
{
"product": "Cisco Network Services Orchestrator",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "6.0.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system.\n\n\nThis vulnerability is due to improper authorization enforcement when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command with crafted arguments. A successful exploit could allow the attacker to read or write arbitrary files on the underlying operating system with the privileges of the root user."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-16T14:08:21.745Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-nso-rwpesc-qrQGnh3f",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-rwpesc-qrQGnh3f"
},
{
"name": "cisco-sa-cnfd-rwpesc-ZAOufyx8",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8"
}
],
"source": {
"advisory": "cisco-sa-nso-rwpesc-qrQGnh3f",
"defects": [
"CSCwj72783",
"CSCwi84310"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20389",
"datePublished": "2024-05-16T14:08:21.745Z",
"dateReserved": "2023-11-08T15:08:07.658Z",
"dateUpdated": "2024-08-01T21:59:42.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20466 (GCVE-0-2024-20466)
Vulnerability from cvelistv5 – Published: 2024-08-21 19:16 – Updated: 2024-10-31 13:21
VLAI
Title
Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device.
This vulnerability is due to improper enforcement of administrative privilege levels for high-value sensitive data. An attacker with read-only Administrator privileges for the web-based management interface on an affected device could exploit this vulnerability by browsing to a page that contains sensitive data. A successful exploit could allow the attacker to collect sensitive information regarding the configuration of the system.
Severity
6.5 (Medium)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Identity Services Engine Software |
Affected:
2.7.0
Affected: 2.7.0 p1 Affected: 2.7.0 p2 Affected: 3.0.0 Affected: 3.0.0 p1 Affected: 2.7.0 p3 Affected: 3.0.0 p2 Affected: 2.7.0 p4 Affected: 3.0.0 p3 Affected: 3.1.0 Affected: 2.7.0 p5 Affected: 3.0.0 p4 Affected: 2.7.0 p6 Affected: 3.1.0 p1 Affected: 3.0.0 p5 Affected: 2.7.0 p7 Affected: 3.1.0 p3 Affected: 3.1.0 p2 Affected: 3.0.0 p6 Affected: 3.2.0 Affected: 3.1.0 p4 Affected: 3.1.0 p5 Affected: 3.2.0 p1 Affected: 2.7.0 p9 Affected: 3.0.0 p7 Affected: 3.1.0 p6 Affected: 3.2.0 p2 Affected: 3.1.0 p7 Affected: 3.3.0 Affected: 3.2.0 p3 Affected: 3.0.0 p8 Affected: 2.7.0 p10 Affected: 3.1.0 p9 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20466",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-22T13:24:37.396313Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T13:21:15.787Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Identity Services Engine Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.7.0"
},
{
"status": "affected",
"version": "2.7.0 p1"
},
{
"status": "affected",
"version": "2.7.0 p2"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.0.0 p1"
},
{
"status": "affected",
"version": "2.7.0 p3"
},
{
"status": "affected",
"version": "3.0.0 p2"
},
{
"status": "affected",
"version": "2.7.0 p4"
},
{
"status": "affected",
"version": "3.0.0 p3"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "2.7.0 p5"
},
{
"status": "affected",
"version": "3.0.0 p4"
},
{
"status": "affected",
"version": "2.7.0 p6"
},
{
"status": "affected",
"version": "3.1.0 p1"
},
{
"status": "affected",
"version": "3.0.0 p5"
},
{
"status": "affected",
"version": "2.7.0 p7"
},
{
"status": "affected",
"version": "3.1.0 p3"
},
{
"status": "affected",
"version": "3.1.0 p2"
},
{
"status": "affected",
"version": "3.0.0 p6"
},
{
"status": "affected",
"version": "3.2.0"
},
{
"status": "affected",
"version": "3.1.0 p4"
},
{
"status": "affected",
"version": "3.1.0 p5"
},
{
"status": "affected",
"version": "3.2.0 p1"
},
{
"status": "affected",
"version": "2.7.0 p9"
},
{
"status": "affected",
"version": "3.0.0 p7"
},
{
"status": "affected",
"version": "3.1.0 p6"
},
{
"status": "affected",
"version": "3.2.0 p2"
},
{
"status": "affected",
"version": "3.1.0 p7"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.2.0 p3"
},
{
"status": "affected",
"version": "3.0.0 p8"
},
{
"status": "affected",
"version": "2.7.0 p10"
},
{
"status": "affected",
"version": "3.1.0 p9"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. \r\n\r\nThis vulnerability is due to improper enforcement of administrative privilege levels for high-value sensitive data. An attacker with read-only Administrator privileges for the web-based management interface on an affected device could exploit this vulnerability by browsing to a page that contains sensitive data. A successful exploit could allow the attacker to collect sensitive information regarding the configuration of the system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T15:09:40.573Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ise-info-exp-vdF8Jbyk",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-info-exp-vdF8Jbyk"
}
],
"source": {
"advisory": "cisco-sa-ise-info-exp-vdF8Jbyk",
"defects": [
"CSCwe48929"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20466",
"datePublished": "2024-08-21T19:16:36.810Z",
"dateReserved": "2023-11-08T15:08:07.680Z",
"dateUpdated": "2024-10-31T13:21:15.787Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-21743 (GCVE-0-2024-21743)
Vulnerability from cvelistv5 – Published: 2024-09-17 13:35 – Updated: 2026-04-28 16:09
VLAI
Title
WordPress Houzez Login Register plugin <= 3.2.5 - Privilege Escalation vulnerability
Summary
Privilege Escalation vulnerability in favethemes Houzez Login Register houzez-login-register.This issue affects Houzez Login Register: from n/a through 3.2.5.
Severity
8.8 (High)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/vulnerability/hou… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| favethemes | Houzez Login Register |
Affected:
n/a , ≤ 3.2.5
(custom)
|
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:favethemes:houzez:*:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unaffected",
"product": "houzez",
"vendor": "favethemes",
"versions": [
{
"lessThanOrEqual": "3.2.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21743",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-17T17:20:04.573304Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-17T17:24:46.656Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "houzez-login-register",
"product": "Houzez Login Register",
"vendor": "favethemes",
"versions": [
{
"changes": [
{
"at": "3.3.0",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.2.5",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "luc (Patchstack)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Privilege Escalation vulnerability in favethemes Houzez Login Register houzez-login-register.\u003cp\u003eThis issue affects Houzez Login Register: from n/a through 3.2.5.\u003c/p\u003e"
}
],
"value": "Privilege Escalation vulnerability in favethemes Houzez Login Register houzez-login-register.This issue affects Houzez Login Register: from n/a through 3.2.5."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:09:07.929Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/houzez-login-register/wordpress-houzez-login-register-plugin-3-2-5-privilege-escalation-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 3.3.0 or a higher version."
}
],
"value": "Update to 3.3.0 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Houzez Login Register plugin \u003c= 3.2.5 - Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-21743",
"datePublished": "2024-09-17T13:35:44.728Z",
"dateReserved": "2024-01-02T09:05:10.994Z",
"dateUpdated": "2026-04-28T16:09:07.929Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-22145 (GCVE-0-2024-22145)
Vulnerability from cvelistv5 – Published: 2024-05-17 08:46 – Updated: 2026-04-28 16:09
VLAI
Title
WordPress InstaWP Connect plugin <= 0.1.0.8 - Arbitrary Option Update to Privilege Escalation vulnerability
Summary
Incorrect Privilege Assignment vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.8.
Severity
8.8 (High)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| InstaWP | InstaWP Connect |
Affected:
0 , ≤ 0.1.0.8
(custom)
|
Date Public
2026-04-01 16:23
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:instawp:instawp_connect:*:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unknown",
"product": "instawp_connect",
"vendor": "instawp",
"versions": [
{
"lessThanOrEqual": "0.1.0.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22145",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-20T19:49:25.560036Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:52:29.504Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.956Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/instawp-connect/wordpress-instawp-connect-plugin-0-1-0-8-arbitrary-option-update-to-privilege-escalation-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "instawp-connect",
"product": "InstaWP Connect",
"vendor": "InstaWP",
"versions": [
{
"changes": [
{
"at": "0.1.0.9",
"status": "unaffected"
}
],
"lessThanOrEqual": "0.1.0.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Majed Refaea | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:23:17.105Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect Privilege Assignment vulnerability in InstaWP InstaWP Connect instawp-connect.\u003cp\u003eThis issue affects InstaWP Connect: from n/a through \u003c= 0.1.0.8.\u003c/p\u003e"
}
],
"value": "Incorrect Privilege Assignment vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through \u003c= 0.1.0.8."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:09:08.604Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/instawp-connect/vulnerability/wordpress-instawp-connect-plugin-0-1-0-8-arbitrary-option-update-to-privilege-escalation-vulnerability?_s_id=cve"
}
],
"title": "WordPress InstaWP Connect plugin \u003c= 0.1.0.8 - Arbitrary Option Update to Privilege Escalation vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-22145",
"datePublished": "2024-05-17T08:46:53.282Z",
"dateReserved": "2024-01-05T11:18:25.467Z",
"dateUpdated": "2026-04-28T16:09:08.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation ID: MIT-1
Phases: Architecture and Design, Operation
Description:
- Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation ID: MIT-17
Phases: Architecture and Design, Operation
Strategy: Environment Hardening
Description:
- Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
No CAPEC attack patterns related to this CWE.