| ZUSOART ID |
ZA-2024-01 |
| CVE ID |
CVE-2024-5262 |
| Vulnerability Type |
CWE-552: Files or Directories Accessible to External Parties |
| CVSS 4.0 Base |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N (9.3) |
| Description |
Files or Directories Accessible to External Parties vulnerability in smb server in ProjectDiscovery Interactsh allows remote attackers to read/write any files in the directory and subdirectories of where the victim runs interactsh-server via anonymous login. |
| Vendor |
ProjectDiscovery |
| Product |
| Category |
Version affected |
| Interactsh |
from v0.0.6 through v1.1.9 |
|
| Product Support |
Update to Interactsh server v1.2.0 |
| Release date |
2024/06/05 |
| Credit |
Tsung Ju Wu (Daniel Wu) of ZUSO ART |
