Skip to main content

Gravityzone Control Center

2 CVEs product

Monthly

CVE-2024-2224 CRITICAL Act Now

Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Microsoft Endpoint Security Gravityzone Control Center
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-2223 CRITICAL Act Now

An Incorrect Regular Expression vulnerability in Bitdefender GravityZone Update Server allows an attacker to cause a Server Side Request Forgery and reconfigure the relay.0.5.200089 Bitdefender. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Microsoft Endpoint Security Gravityzone Control Center
NVD
CVSS 3.1
9.8
EPSS
0.5%
EPSS 1% CVSS 9.8
CRITICAL Act Now

Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Microsoft +2
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An Incorrect Regular Expression vulnerability in Bitdefender GravityZone Update Server allows an attacker to cause a Server Side Request Forgery and reconfigure the relay.0.5.200089 Bitdefender. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Microsoft Endpoint Security +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy