What is CVE-2024-41628?

CVE-2024-41628 is a vulnerability in N/a. Published 2024-07-26.

Is CVE-2024-41628 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2024-41628

Directory Traversal vulnerability in Severalnines Cluster Control 1.9.8 before 1.9.8-9778, 2.0.0 before 2.0.0-9779, and 2.1.0 before 2.1.0-9780 allows a remote attacker to include and display file content in an HTTP request via the CMON AP…

EPSS: 0.915 (99.7th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

Redshift-CyberSecurity/CVE-2024-41628
20142995/nuclei-templates
nomi-sec/PoC-in-GitHub

References

clustercontrol.com
severalnines.com
docs.severalnines.com/docs/clustercontrol/changelogs/changes-in-v2-1-0/
docs.severalnines.com/docs/clustercontrol/changelogs/changes-in-v1-9-8/
github.com/Redshift-CyberSecurity/CVE-2024-41628

Frequently asked questions

What is CVE-2024-41628?: CVE-2024-41628 is a vulnerability in N/a. Published 2024-07-26.
Is CVE-2024-41628 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.