What is CVE-2024-44349?

CVE-2024-44349 is a vulnerability in N/a. Published 2024-10-08.

Is CVE-2024-44349 known to be exploited?

5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2024-44349

A SQL injection vulnerability in login portal in AnteeoWMS before v4.7.34 allows unauthenticated attackers to execute arbitrary SQL commands via the username parameter and disclosure of some data in the underlying DB.

EPSS: 0.762 (98.9th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

AndreaF17/PoC-CVE-2024-44349
20142995/nuclei-templates
cyb3r-w0lf/nuclei-template-collection
fkie-cad/nvd-json-data-feeds
nomi-sec/PoC-in-GitHub

References

cybergon.com/
blog.cybergon.com/posts/cve-2024-44349/
github.com/AndreaF17/PoC-CVE-2024-44349

Frequently asked questions

What is CVE-2024-44349?: CVE-2024-44349 is a vulnerability in N/a. Published 2024-10-08.
Is CVE-2024-44349 known to be exploited?: 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.