CVE-2024-55085

CRITICAL

9.8

Description

GetSimple CMS CE 3.3.19 suffers from arbitrary code execution in the template editing function in the background management system, which can be used by an attacker to implement RCE.

Details CVE

Score CVSS v3.19.8

SeveriteCRITICAL

Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vecteur d'attaqueNETWORK

ComplexiteLOW

Privileges requisNONE

Interaction utilisateurNONE

Publie12/16/2024

Derniere modification4/17/2025

Sourcenvd

Observations honeypot0

Produits affectes

getsimple-ce:getsimple_cms

Faiblesses (CWE)

CWE-94

References

https://getsimple-ce.ovh/(cve@mitre.org)

https://tasteful-stamp-da4.notion.site/CVE-2024-55085-15b1e0f227cb80a5aee6faeb820bf7e6(cve@mitre.org)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.