A vulnerability in a weak JWT token in Watcharr v1.43.0 and below allows attackers to perform privilege escalation using a crafted JWT token. This vulnerability is not limited to privilege escalation but also affects all functions that require authentication.
References
Link | Resource |
---|---|
https://github.com/yamerooo123/CVE/tree/main/CVE-2024-50634 | Exploit |
https://youtu.be/wnULru0WdtA | Exploit |
Configurations
History
14 Nov 2024, 20:40
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:sbond:watcharr:*:*:*:*:*:*:*:* | |
References | () https://github.com/yamerooo123/CVE/tree/main/CVE-2024-50634 - Exploit | |
References | () https://youtu.be/wnULru0WdtA - Exploit | |
First Time |
Sbond watcharr
Sbond |
13 Nov 2024, 15:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-319 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
Summary |
|
08 Nov 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-11-08 17:15
Updated : 2024-11-14 20:40
NVD link : CVE-2024-50634
Mitre link : CVE-2024-50634
CVE.ORG link : CVE-2024-50634
JSON object : View
Products Affected
sbond
- watcharr
CWE