What is CVE-2024-35286?

CVE-2024-35286 is a vulnerability in N/a. Published 2024-10-21.

Is CVE-2024-35286 known to be exploited?

4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2024-35286

A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker…

EPSS: 0.600 (98.3th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

lu4m575/CVE-2024-35286_scan.nse
Ostorlab/KEV
nomi-sec/PoC-in-GitHub
tylzars/awesome-vrre-writeups

References

www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-00…

Frequently asked questions

What is CVE-2024-35286?: CVE-2024-35286 is a vulnerability in N/a. Published 2024-10-21.
Is CVE-2024-35286 known to be exploited?: 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.