VDB
ALAS2023-2024-589
ALAS2023-2024-589
PUBLISHED
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amazon | glibc |
Exploit Intelligence
- CVE-2024–2961 Security Issue Mitigation Script (github-poc)
- A WordPress demo lab for CVE-2024-2961 & CVE-2024-29510 (github-poc)
- A WordPress demo lab for CVE-2024-2961 & CVE-2024-29510 (github-poc-repo)
- PHP RCE CVE-2024-2961 Nucleus Hackathon Demo (github-poc-repo)
- PHP RCE CVE-2024-2961 Nucleus Hackathon Demo (github-poc)
- PHP RCE CVE-2024-2961 Nucleus Hackathon Demo (github-poc-repo)
- PHP RCE CVE-2024-2961 Nucleus Hackathon Demo (github-poc)
- Uses CVE-2024-2961 to perform an arbitrary file read (github-poc-repo)
- Exploit for CVE-2023-26326 in the WordPress BuddyForms plugin, leveraging CVE-2024-2961 for remote code execution. This exploit bypasses PHP 8+ deserialization limitations by chaining vulnerabilities with php://filter. (github-poc-repo)
- CVE-2024-2961 Cnext RCE Exploit with Buddyforms 2.7.7 (github-poc-repo)
…and 27 more exploits
Timeline
- May 3, 2024 CVE Published
References
- ALAS2023-2024-589: glibc (important) advisory