White Jotter
CVE-2024-57176
HIGH
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Lifecycle Timeline
3DescriptionCVE.org
An issue in the shiroFilter function of White-Jotter project v0.2.2 allows attackers to execute a directory traversal and access sensitive endpoints via a crafted URL.
AnalysisAI
An issue in the shiroFilter function of White-Jotter project v0.2.2 allows attackers to execute a directory traversal and access sensitive endpoints via a crafted URL. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-437. An issue in the shiroFilter function of White-Jotter project v0.2.2 allows attackers to execute a directory traversal and access sensitive endpoints via a crafted URL. Affected products include: Antabot White-Jotter.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in White Jotter
View allA vulnerability, which was classified as problematic, has been found in Antabot White-Jotter up to 0.2.2. Rated medium s
A vulnerability, which was classified as problematic, was found in Antabot White-Jotter up to 0.2.2. Rated medium severi
A vulnerability classified as problematic was found in Antabot White-Jotter up to 0.2.2. Rated medium severity (CVSS 5.1
A vulnerability classified as problematic has been found in Antabot White-Jotter up to 0.2.2. Rated medium severity (CVS
Same weakness CWE-437 – Incomplete Model of Endpoint Features
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today