An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component.
References
Link | Resource |
---|---|
https://chocapikk.com/posts/2024/cve-2024-31819/ | Exploit Third Party Advisory |
https://github.com/Chocapikk/CVE-2024-31819 | Exploit |
https://github.com/WWBN/ | Product |
https://github.com/WWBN/AVideo | Product |
https://chocapikk.com/posts/2024/cve-2024-31819/ | Exploit Third Party Advisory |
https://github.com/Chocapikk/CVE-2024-31819 | Exploit |
https://github.com/WWBN/ | Product |
https://github.com/WWBN/AVideo | Product |
Configurations
History
17 Jun 2025, 20:56
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:wwbn:avideo:*:*:*:*:*:*:*:* | |
First Time |
Wwbn
Wwbn avideo |
|
References | () https://chocapikk.com/posts/2024/cve-2024-31819/ - Exploit, Third Party Advisory | |
References | () https://github.com/Chocapikk/CVE-2024-31819 - Exploit | |
References | () https://github.com/WWBN/ - Product | |
References | () https://github.com/WWBN/AVideo - Product |
21 Nov 2024, 09:13
Type | Values Removed | Values Added |
---|---|---|
References | () https://chocapikk.com/posts/2024/cve-2024-31819/ - | |
References | () https://github.com/Chocapikk/CVE-2024-31819 - | |
References | () https://github.com/WWBN/ - | |
References | () https://github.com/WWBN/AVideo - |
28 Aug 2024, 19:35
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
CWE | CWE-94 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
10 Apr 2024, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-04-10 20:15
Updated : 2025-06-17 20:56
NVD link : CVE-2024-31819
Mitre link : CVE-2024-31819
CVE.ORG link : CVE-2024-31819
JSON object : View
Products Affected
wwbn
- avideo
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')