CVE-2024-1651
published 2024-02-20CVE-2024-1651: Torrentpier version 2.4.1 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to insecure deserialization.
PriorityP272critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
34.00%
98.2th percentile
Torrentpier version 2.4.1 allows executing arbitrary commands on the server.
This is possible because the application is vulnerable to insecure deserialization.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| torrentpier | torrentpier | — | — |
| torrentpier | torrentpier | 0 – 2.4.1 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Deserialization of Untrusted Data in Torrentpier
ghsa·2024-02-20
CVE-2024-1651 [CRITICAL] CWE-502 Deserialization of Untrusted Data in Torrentpier
Deserialization of Untrusted Data in Torrentpier
Torrentpier version 2.4.1 allows executing arbitrary commands on the server.
This is possible because the application is vulnerable to insecure deserialization.
OSV
Deserialization of Untrusted Data in Torrentpier
osv·2024-02-20
CVE-2024-1651 [CRITICAL] Deserialization of Untrusted Data in Torrentpier
Deserialization of Untrusted Data in Torrentpier
Torrentpier version 2.4.1 allows executing arbitrary commands on the server.
This is possible because the application is vulnerable to insecure deserialization.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-02-20
Published