1. Home
  2. CVE Database
  3. CVE-2024-27707
MEDIUM · 4.3

CVE-2024-27707

Server Side Request Forgery (SSRF) vulnerability in hcengineering Huly Platform v.0.6.202 allows attackers to run arbitrary code via upload of crafted SVG file.

Vulnerability Description

Server Side Request Forgery (SSRF) vulnerability in hcengineering Huly Platform v.0.6.202 allows attackers to run arbitrary code via upload of crafted SVG file.

CVSS Score

4.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
LOW
Availability
NONE

Related Weaknesses (CWE)

CWE-918

References

FAQ

What is CVE-2024-27707?

CVE-2024-27707 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Server Side Request Forgery (SSRF) vulnerability in hcengineering Huly Platform v.0.6.202 allows attackers to run arbitrary code via upload of crafted SVG file.

How severe is CVE-2024-27707?

CVE-2024-27707 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-27707?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.