What is CVE-2024-37759?

CVE-2024-37759 is a vulnerability in N/a. Published 2024-06-24.

Is CVE-2024-37759 known to be exploited?

18 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2024-37759

DataGear v5.0.0 and earlier was discovered to contain a SpEL (Spring Expression Language) expression injection vulnerability via the Data Viewing interface.

EPSS: 0.807 (99.2th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

crumbledwall/CVE-2024-37759_PoC
12442RF/POC
ARPSyndicate/cve-scores
DMW11525708/wiki
Lern0n/Lernon-POC
Linxloop/fork_
adysec/POC
cisp-pte/POC-20241008-sec-fork
crumbledwall/CVE-2024-37759_
eeeeeeeeee-code/POC

References

github.com/datageartech/datagear/issues/32
github.com/crumbledwall/CVE-2024-37759_PoC

Frequently asked questions

What is CVE-2024-37759?: CVE-2024-37759 is a vulnerability in N/a. Published 2024-06-24.
Is CVE-2024-37759 known to be exploited?: 18 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.