CVE-2024-57378
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-57378
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Wazuh SIEM version 4.8.2 is affected by a broken access control vulnerability. This issue allows the unauthorized creation of internal users without assigning any existing user role, potentially leading to privilege escalation or unauthorized access to sensitive resources.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Wazuh 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Wazuh是Wazuh开源的一个应用软件。用于收集,汇总,索引和分析安全数据,帮助组织检测入侵,威胁和行为异常。 Wazuh 4.8.2版本存在安全漏洞,该漏洞源于包含一个访问控制错误问题。此问题允许未经授权创建内部用户,而无需分配任何现有用户角色,这可能导致权限提升或未经授权访问敏感资源。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2024-57378
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | Detection for CVE-2024-57378 | https://github.com/rxerium/CVE-2024-57378 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-57378
请登录查看更多情报信息。
Same Patch Batch · n/a · 2025-02-13 · 37 CVEs total
| CVE-2025-1094 | 8.1 HIGH | PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding valid |
| CVE-2024-37600 | 6.8 MEDIUM | Mercedes-Benz NTG 安全漏洞 |
| CVE-2024-37602 | 4.6 MEDIUM | Mercedes-Benz NTG 安全漏洞 |
| CVE-2024-56908 | Perfex CRM 安全漏洞 | |
| CVE-2023-34404 | Mercedes-Benz NTG 安全漏洞 | |
| CVE-2023-34401 | Mercedes-Benz NTG 安全漏洞 | |
| CVE-2023-34406 | Mercedes-Benz NTG 安全漏洞 | |
| CVE-2023-34403 | Mercedes-Benz NTG 安全漏洞 | |
| CVE-2024-37601 | Mercedes-Benz NTG 安全漏洞 | |
| CVE-2024-37603 | Mercedes-Benz NTG 安全漏洞 | |
| CVE-2023-34402 | Mercedes-Benz NTG 安全漏洞 | |
| CVE-2024-57782 | docker-proxy 安全漏洞 | |
| CVE-2024-53310 | Effectmatrix Total Video Converter Command Line 安全漏洞 | |
| CVE-2024-53309 | EffectMatrix Total Video Converter Command Line 安全漏洞 | |
| CVE-2025-22961 | GatesAir Maxiva 安全漏洞 | |
| CVE-2025-22960 | GatesAir Maxiva 安全漏洞 | |
| CVE-2024-53311 | Immunity Debugger 安全漏洞 | |
| CVE-2025-22962 | GatesAir Maxiva 安全漏洞 | |
| CVE-2024-54951 | Monica 安全漏洞 | |
| CVE-2025-25352 | PHPGurukul Land Record System 安全漏洞 |
Showing top 20 of 37 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8741
EMQX QoS 2 PUBLISH Packet emqx_persistent_session_ds.erl rac - CVE-2026-8731
Open5GS NRF client.c ogs_sbi_client_add denial of service - CVE-2026-8730
Open5GS NRF context.c ogs_sbi_nf_instance_set_id denial of s - CVE-2026-8729
Open5GS NRF message.c denial of service - CVE-2026-8728
Open5GS NRF conv.c ogs_sbi_discovery_option_parse_plmn_list
V. Comments for CVE-2024-57378
No comments yet