CVE-2024-56086 – Logpoint Report Templates Remote Code Execution

Dec 16, 2024

Description

An issue was discovered in Logpoint before 7.5.0. Authenticated users can inject payloads in Report Templates. These are executed when the backup process is initiated, leading to Remote Code Execution.

Vulnerability Information

Product / Framework: Logpoint
Vendor Domain: www.logpoint.com
Vulnerability Type: Command Injection
CVE Details: View Full CVE Details →

CVE-2024-56086 – Logpoint Report Templates Remote Code Execution

Description

Vulnerability Information

You may also enjoy…

The Story of a Perfect Exploit Chain: Six Bugs That Looked Harmless Until They Became Pre-Auth RCE in a Security Appliance

Inside PostHog: How SSRF, a ClickHouse SQL Escaping 0day, and Default PostgreSQL Credentials Formed an RCE Chain (ZDI-25-099, ZDI-25-097, ZDI-25-096)

The Chessboard of Security: Insights on Product Development and Vulnerabilities from a Hacker Perspective

Digital Cosmos: A Journey Through the Galaxy of Vulnerabilities

CVE-2021-3825 | LiderAhenk 0day – All your PARDUS Clients Belongs To Me