What is the CVSS score of CVE-2024-39717?

CVE-2024-39717 has a CVSS 3.1 base score of 7.2 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 4.6%.

Is CVE-2024-39717 being actively exploited?

Yes, CVE-2024-39717 is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, confirming active in-the-wild exploitation. Immediate patching is required.

How to fix or mitigate CVE-2024-39717?

Within 24 hours: Identify all affected systems and apply vendor patches immediately. Review file handling controls and restrict upload directories.

CVE-2024-39717

HIGH

Unrestricted Upload of File with Dangerous Type (CWE-434)

2024-08-22 support@hackerone.com

7.2

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 26, 2026 - 11:20 vuln.today

Added to CISA KEV

Oct 30, 2025 - 20:40 cisa

CISA KEV

CVE Published

Aug 22, 2024 - 19:15 nvd

HIGH 7.2

DescriptionNVD

The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin. (Tenant level users do not have this privilege). The “Change Favicon” (Favorite Icon) option can be mis-used to upload a malicious file ending with .png extension to masquerade as image file. This is possible only after a user with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin has successfully authenticated and logged in.

AnalysisAI

Versa Director GUI contains a file upload vulnerability in the 'Change Favicon' functionality that allows provider-level administrators to upload malicious files, exploited by Volt Typhoon (Chinese APT) against ISPs.

Technical ContextAI

The CWE-434 unrestricted file upload in the 'Change Favicon' feature accepts executable files alongside legitimate image files. While requiring Provider-Data-Center-Admin privileges, these credentials were obtained through prior compromise of upstream systems.

Affected ProductsAI

Versa Director GUI

RemediationAI

Apply Versa security updates. Audit provider admin accounts for unauthorized access. Check for VersaMem web shell indicators. Restrict management access to Versa Director.

CVE-2024-39717 vulnerability details – vuln.today

Back

CVE-2024-39717

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

Affected ProductsAI

RemediationAI

Share

External POC / Exploit Code