CVE-2024-5262— ProjectDiscovery Interactsh - Files or Directories Accessible to External Parties
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-5262
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ProjectDiscovery Interactsh - Files or Directories Accessible to External Parties
Source: NVD (National Vulnerability Database)
Vulnerability Description
Files or Directories Accessible to External Parties vulnerability in smb server in ProjectDiscovery Interactsh allows remote attackers to read/write any files in the directory and subdirectories of where the victim runs interactsh-server via anonymous login.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
对外部实体的文件或目录可访问
Source: NVD (National Vulnerability Database)
Vulnerability Title
Interactsh 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Interactsh是Interactsh开源的一个 OOB 交互收集服务器和客户端库。 Interactsh存在安全漏洞,该漏洞源于可以在没有经过认证的情况下读取写入任意文件。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| ProjectDiscovery | Interactsh | v0.0.6 ~ v1.1.9 | - |
II. Public POCs for CVE-2024-5262
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-5262
Please Login to view more intelligence information
- ZUSO Generation 如梭世代third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-5262
IV. Related Vulnerabilities
Same vendor: ProjectDiscovery
- CVE-2026-41645
Nuclei: Environment variable disclosure via Response-Derived - CVE-2026-41646
Nuclei: Local File Read via require() Module Loader Bypass - CVE-2026-41282
Nuclei 安全漏洞 - CVE-2024-43405
Nuclei Template Signature Verification Bypass - CVE-2024-40641
Unsigned code template execution through workflows in projec
Same weakness: CWE-552
- CVE-2025-7389
Unauthorized Arbitrary File Read via RMI in AdminServer Inte - CVE-2019-25709
CF Image Hosting Script 1.6.5 Unauthorized Database Access - CVE-2026-33698
Chamilo LMS affected by unauthenticated RCE in main/install - CVE-2021-47960
Synology SSL VPN Client 安全漏洞 - CVE-2026-35446
LORIS has a path traversal in FilesDownloadHandler
V. Comments for CVE-2024-5262
No comments yet