CVE-2024-32880 - pyload is an open-source Download Manager written in pure Python. An authenticated user can change t

CVE-2024-32880

Summary

pyload is an open-source Download Manager written in pure Python. An authenticated user can change the download folder and upload a crafted template to the specified folder lead to remote code execution. There is no fix available at the time of publication.

References

https://github.com/pyload/pyload/security/advisories/GHSA-3f7w-p8vr-4v5f

Vulnerable Configurations

CVSS

Base:	None
Impact:
Exploitability:

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

26-04-2024 - 19:59

Published

26-04-2024 - 18:15

Last modified

26-04-2024 - 19:59